IRONSMITHINTEL
HIGH | CVSS 8.8 | Actively Exploited | CISA KEV | CVE-2024-4671
Auth: none — visiting a malicious page is sufficient | Reboot: not required | Est. 5 minutes (browser restart only) | Manual only

Microsoft Edge < 124.0.2478.105 — RCE

A use-after-free in the Chromium Visuals component (shared with Edge) allows remote code execution. Update Edge to 124.0.2478.105 or later — this is a Chromium zero-day that affected Edge, Chrome, and all Chromium-based browsers simultaneously.

Published May 10, 2024 · Updated May 10, 2026
Why patch: risk explained in plain English

Worst-case scenario (if unpatched)

An attacker hosting a malicious website can trigger code execution in the Edge renderer process. Combined with a sandbox escape, this enables system-level compromise. Even within the sandbox, attackers can steal session cookies and browser-stored passwords.

How the attack works (no clicks needed)

The Chromium Visuals component handles rendering of web content. A use-after-free vulnerability in this component can be triggered by a specially crafted web page, allowing heap memory corruption that may lead to code execution within the browser process.

Am I affected? (Quick check)

Probably yes if any of these apply:

All Windows users with Edge
IT Administrators
Desktop Support
Running Microsoft Edge prior to 124.0.2478.105

Affected OS versions

Windows 10, Windows 11, Windows Server 2019, Windows Server 2022

Fixed in: Microsoft Edge 124.0.2478.105

Real-world incidents: what we've seen

Google disclosed CVE-2024-4671 as an actively exploited zero-day in Chrome on May 9, 2024. Microsoft shipped an Edge update incorporating the Chromium fix the same day. This was the sixth Chrome zero-day patched in 2024. Both CISA and Microsoft urged immediate updates, as the vulnerability affects all Chromium-based browsers including Edge and Brave.

How to patch

Manual remediation steps

5 minutes (browser restart only)

Check Edge Version

# Check installed Edge version
$edgePath = "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe"
if (-not (Test-Path $edgePath)) {
  $edgePath = "$env:ProgramFiles\Microsoft\Edge\Application\msedge.exe"
}
if (Test-Path $edgePath) {
  (Get-Item $edgePath).VersionInfo.ProductVersion
}
# Vulnerable if older than 124.0.2478.105

Update Edge

# Option 1: From Edge browser
# Settings (…) > Help and feedback > About Microsoft Edge
# Edge will auto-download the update

# Option 2: Via winget
winget upgrade Microsoft.Edge

# Option 3: Force update check via PowerShell
# Braces are required: without them "(x86)" is appended as literal text to $env:ProgramFiles
$edgeUpdate = "${env:ProgramFiles(x86)}\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe"
if (Test-Path $edgeUpdate) {
  & $edgeUpdate /ua /installsource scheduler
}

Enterprise Deployment

# For managed environments, use the Edge Group Policy to enforce updates:
# Computer Configuration > Administrative Templates > Microsoft Edge Update
# Set "Update policy override" to "Always allow updates"

# Or deploy via Intune / SCCM using the Edge MSI from:
# https://www.microsoft.com/en-us/edge/business/download

Verify the Update

(Get-Item "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe").VersionInfo.ProductVersion
# Must show 124.0.2478.105 or later
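
The check and verify steps above leave the version comparison to the reader. The script below is an added example, not part of the original page and not a tested remediation script from this site: it compares the installed build numerically against the fixed version 124.0.2478.105. The function name Test-EdgePatched and the per-user LocalAppData path are assumptions made for illustration.

```powershell
# Added example: numeric comparison against the fixed build named on this page.
function Test-EdgePatched {
    param(
        [Parameter(Mandatory)][string]$ProductVersion,
        [version]$FixedVersion = '124.0.2478.105'
    )
    # [version] compares each dotted field as an integer, so a build such as
    # 124.0.2478.97 sorts below 124.0.2478.105. A plain string comparison
    # would order those two the wrong way round.
    return ([version]$ProductVersion -ge $FixedVersion)
}

# Per-machine installs live under Program Files (x86) or Program Files.
# The LocalAppData entry covers a per-user install (assumed location).
$candidates = @(
    "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe",
    "$env:ProgramFiles\Microsoft\Edge\Application\msedge.exe",
    "$env:LOCALAPPDATA\Microsoft\Edge\Application\msedge.exe"
) | Where-Object { Test-Path $_ } | Select-Object -Unique

# One result object per msedge.exe found, suitable for piping to Export-Csv
# or returning from a remote session.
$results = foreach ($path in $candidates) {
    $ver = (Get-Item $path).VersionInfo.ProductVersion
    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Path     = $path
        Version  = $ver
        Patched  = Test-EdgePatched -ProductVersion $ver
    }
}

if (-not $results) {
    Write-Warning 'msedge.exe was not found in the standard install locations.'
} else {
    $results | Format-Table -AutoSize
    if (@($results | Where-Object { -not $_.Patched }).Count -gt 0) {
        Write-Warning 'At least one Edge install is older than 124.0.2478.105.'
    }
}
```
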

PowerShell automation: coming soon

No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.