Opinions, tips, and news orbiting Microsoft
The window.external.getHostEnvironmentValue() method is an Edge-only, non-standards-based way for web developers to access information about the browser and platform. In this article, we’re announcing our plan to deprecate this method an
The post Deprecating window.external.getHostEnvironmentValue() appeared first on Windows Blog.
Continue reading Deprecating window.external.getHostEnvironmentValue()
As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics. These campaigns use malicious hyperlinks and attachments to deliver credential phishing and malware including RaccoonO365, AHKBot, Latrodectus, BruteRatel C4 (BRc4), and Remcos.
The post Threat actors leverage tax season to deploy tax-themed phishing campaigns appeared first on Microsoft Security Blog.
Continue reading Threat actors leverage tax season to deploy tax-themed phishing campaigns
Access of resource using incompatible type (‘type confusion’) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-25000 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. Continue reading CVE-2025-25001 Microsoft Edge for iOS Spoofing Vulnerability
Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network. Continue reading CVE-2025-29815 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network. Continue reading CVE-2025-29796 Microsoft Edge for iOS Spoofing Vulnerability