Alert GCSA-26034 - Vulnerabilita' in Microsoft Edge
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-26034
Data: 9 Marzo 2026
Titolo: Vulnerabilita' in Microsoft Edge
******************************************************************
:: Descrizione del problema
Sono state identificate vulnerabilita' multiple in Microsoft Edge
che potrebbero essere sfruttate da un attaccante remoto per
eludere restrizioni di sicurezza, rivelare informazioni sensibili,
manipolare dati, eseguire codice arbitrario ed innescare condizioni
di Denial of Service su un sistema che sia affetto.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Microsoft Edge versioni precedenti alla 145.0.3800.97
:: Impatto
Denial of Service
Remote Code Execution
Information Disclosure
Security Restriction Bypass
Data Manipulation
:: Soluzioni
Aggiornare il software all'ultima versione disponibile
L'aggiornamento avviene in modo automatico.
E' possibile verificare la versione attualmente in uso
scegliendo dal menu "Impostazioni e altro"
(icona 3 punti verticali in alto a dx) la voce
Guida e feedback -> Informazioni su Microsoft Edge
:: Riferimenti
Security Update Guide
https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3536
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3538
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3539
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3540
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3541
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3542
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3543
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3544
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3545
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3539
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3540
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3542
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3543
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3544
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3545
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaa6RGg0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCrlcAn2Y+5BbqO2aZQGYRTaOkF7OtsJTpAJ96veF8aHkP
Td59s+mVs26Y3A820w==
=u5at
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-26034
Data: 9 Marzo 2026
Titolo: Vulnerabilita' in Microsoft Edge
******************************************************************
:: Descrizione del problema
Sono state identificate vulnerabilita' multiple in Microsoft Edge
che potrebbero essere sfruttate da un attaccante remoto per
eludere restrizioni di sicurezza, rivelare informazioni sensibili,
manipolare dati, eseguire codice arbitrario ed innescare condizioni
di Denial of Service su un sistema che sia affetto.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Microsoft Edge versioni precedenti alla 145.0.3800.97
:: Impatto
Denial of Service
Remote Code Execution
Information Disclosure
Security Restriction Bypass
Data Manipulation
:: Soluzioni
Aggiornare il software all'ultima versione disponibile
L'aggiornamento avviene in modo automatico.
E' possibile verificare la versione attualmente in uso
scegliendo dal menu "Impostazioni e altro"
(icona 3 punti verticali in alto a dx) la voce
Guida e feedback -> Informazioni su Microsoft Edge
:: Riferimenti
Security Update Guide
https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3536
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3538
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3539
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3540
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3541
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3542
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3543
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3544
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3545
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3538
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3539
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3540
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3541
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3542
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3543
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3544
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3545
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaa6RGg0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCrlcAn2Y+5BbqO2aZQGYRTaOkF7OtsJTpAJ96veF8aHkP
Td59s+mVs26Y3A820w==
=u5at
-----END PGP SIGNATURE-----