Forum Discussion

Iron Contributor

Mar 29, 2022

Solved

CVE-2022-1096 - Edge Extended Stable Track

Hello,

Can anyone confirm whether Edge Extended Stable 98.0.1108.92 contains the fix for CVE-2022-1096? Our org's information security team has some urgency attached to this and I'd prefer not to have to switch tracks.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1096

Thanks!
Andrew

Kelly_Y
Mar 29, 2022
AndrewSAIF Hello! Our developers have said the fix for CVE-2022-1096 was backported to MS Edge Extended Stable v98.0.1108.92.

Currently Microsoft Edge is aligned with Chrome in regards to the disclosure of Security Updates for Extended Stable releases. We are evaluating ways to make improvements in the future. Thanks!

-Kelly

3 Replies

Kelly_Y
Microsoft
Mar 29, 2022
AndrewSAIF Hello! Our developers have said the fix for CVE-2022-1096 was backported to MS Edge Extended Stable v98.0.1108.92.

Currently Microsoft Edge is aligned with Chrome in regards to the disclosure of Security Updates for Extended Stable releases. We are evaluating ways to make improvements in the future. Thanks!

-Kelly
- AndrewSAIF
  Iron Contributor
  Mar 29, 2022
  Thanks for the quick response, Kelly. I think it would be less confusing for folks if the Edge Extended Stable versions called out critical security patches similar to the regular Stable versions on the Release Notes page.
  
  Appreciate the info!
  Andrew
  - Joachim_T
    Iron Contributor
    Mar 30, 2022
    AndrewSAIF
    Kelly_Y
    
    Thats what i am begging for since weeks.
    
    No documented security fixes in extended stable channel - Microsoft Tech Community
    
    and
    
    Still no extended stable with urgent security Fixes in download - Microsoft Tech Community