cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

CVE-2020-15999

NotMyUsername
Occasional Visitor

‎Oct 22 2020 02:02 AM

‎Oct 22 2020 02:02 AM

CVE-2020-15999

Hello,

is Edge concerned by the FreeType 0-day ? If yes, what version fixes it ?

Thanks.

5,793 Views
0 Likes
2 Replies
Reply
2 Replies
HotCakeX

‎Oct 22 2020 02:38 AM

‎Oct 22 2020 02:38 AM

Re: CVE-2020-15999

I don't think it's added to Edge stable yet, could be wrong

 

First, looking at these websites

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200002
and here
https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security

the latest vision in there is 86.0.622.38
while Edge stable is currently at Version 86.0.622.48

so they haven't updated them yet.

 

second, in Edge stable Version 86.0.622.48, the Chromium version is 86.0.4240.80

 

But CVE-2020-15999 got fixed in 86.0.4240.111

 

https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html

 

0 Likes
Reply
best response confirmed by NotMyUsername (Occasional Visitor)
HotCakeX

‎Oct 22 2020 11:50 AM - edited ‎Oct 22 2020 11:53 AM

‎Oct 22 2020 11:50 AM - edited ‎Oct 22 2020 11:53 AM

Solution

Re: CVE-2020-15999

@NotMyUsername 

Update:

Edge now has this security patch, stable just got updated to Version 86.0.622.51 (Official build) (64-bit)

 

User agentMozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36 Edg/86.0.622.51

 

1 Like
Reply