Millions of Windows users may be unknowingly exposed to new browser security threats, as Microsoft Edge comes under scrutiny following a fresh advisory from India’s national cyber agency. The warning underscores how even trusted, pre-installed software can become a weak point if left unpatched.
Earlier this week, the Indian Computer Emergency Response Team (CERT-In) issued a security bulletin highlighting multiple vulnerabilities in Microsoft Edge. Notably, while the issue was initially described as medium severity, the agency ultimately categorized the overall risk as high—an escalation that has raised concerns among individual users and enterprises alike.
Microsoft Edge Vulnerabilities: What CERT-In Discovered
According to the CERT-In advisory dated January 23, 2026, several weaknesses were identified across core components of the Chromium-based Edge browser. These include flaws related to memory handling in the V8 engine, implementation gaps in Blink, and insufficient validation of untrusted downloads. Meanwhile, issues were also observed in network policy enforcement, Digital Credentials, Split View, and ANGLE graphics handling.
That said, the broader implication is more serious than any single technical flaw. CERT-In warns that a remote attacker could potentially exploit these vulnerabilities by luring users to a specially crafted web page. Once triggered, such exploits may compromise browser integrity and, in some cases, impact the underlying operating system.
Because Microsoft Edge shares its Chromium foundation with Google Chrome—while adding extra features like built-in tools and Copilot AI integration—the attack surface is wider. In practical terms, more features can sometimes mean more opportunities for misuse if security updates are delayed.
Who Is at Risk and Why Updating Edge Matters
Importantly, CERT-In states that the risk applies to all users running Microsoft Edge versions earlier than 144.0.3719.82. This includes home users browsing casually as well as organizations that rely on Edge for daily operations, internal portals, and cloud-based workflows.
From a business perspective, unpatched browser vulnerabilities can translate into data exposure, compliance challenges, and operational downtime. For individual users, the impact may range from unauthorized access to degraded system performance. Notably, browsers act as gateways to almost every online service, making timely updates a critical part of basic cyber hygiene.
For official details, users can review advisories directly from CERT-In and product updates from Microsoft Edge.
How to Update Microsoft Edge on Windows
Updating Edge is straightforward and takes only a few minutes. Open Microsoft Edge on your Windows PC, navigate to the settings menu, and select the “About” section. The browser will automatically check for the latest version, download available updates, and prompt a restart to apply changes.
Meanwhile, keeping automatic updates enabled ensures future patches are installed without manual intervention. In today’s evolving threat landscape, staying current with browser security updates is no longer optional—it is a baseline requirement for safe and reliable internet use.
