CERT-In Flags High-Severity Security Flaws in Microsoft Edge, Urges Users to Update Immediately

Microsoft Edge users in India have been issued an urgent security advisory after the Indian Computer Emergency Response Team (CERT-In) identified serious vulnerabilities in the popular web browser. The warning, released this week, assigns the flaws a high-severity rating, signalling potential risks for both individual users and businesses that depend on Edge for daily operations.

Edge, which runs on the Chromium engine similar to Google Chrome, comes pre-installed on most Windows computers. Its deep integration with the operating system and added features such as AI-powered Copilot support make it a widely used browser. However, this same integration also means that any security gap could have broader consequences for devices and sensitive data.

According to CERT-In’s bulletin dated January 23, 2026, multiple weaknesses affect key components of the browser’s architecture. These vulnerabilities could allow cybercriminals to execute malicious actions simply by tricking users into visiting a compromised or specially crafted webpage.

The agency explained the seriousness of the situation in its official note:

“Multiple vulnerabilities exist in Microsoft Edge due to Out of bounds memory access in V8, Inappropriate implementation in V8 and Blink, Insufficient validation of untrusted input in Downloads, Incorrect security UI in Digital Credentials, Insufficient policy enforcement in Network, Incorrect security UI in Split View, Use after free in ANGLE. A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted web page," the agency says in its note.

These technical flaws impact critical browser functions such as memory handling, downloads, and network policies. Security experts warn that attackers could exploit them to crash systems, steal data, or potentially gain unauthorized control over a device.

Because Edge is widely used across homes, offices, and enterprises, the advisory applies broadly. From everyday users browsing the internet to companies managing confidential information, anyone running outdated versions of Edge may be exposed.

CERT-In has specifically cautioned that systems operating Microsoft Edge versions earlier than 144.0.3719.82 are vulnerable. Users are strongly advised to install the latest update without delay to reduce the risk.

Updating the browser is straightforward. On a Windows PC, open Edge and click the three-dot menu in the top-right corner. From there, select Help and Feedback, then About Microsoft Edge. The browser will automatically check for updates, download the latest version, and prompt a restart to complete installation.

Cybersecurity specialists recommend enabling automatic updates to ensure ongoing protection. With online threats growing more sophisticated, keeping browsers current remains one of the simplest and most effective defenses.

For now, the message from authorities is clear: update Edge immediately to stay safe.