Microsoft has launched a crucial safety replace for Edge Secure Channel on July 1, 2025, addressing a extreme vulnerability that cybercriminals have actively exploited.
The newest Microsoft Edge Secure Channel Model 138.0.3351.65 incorporates essential safety patches from the Chromium mission, together with an pressing repair for CVE-2025-6554, which safety researchers have confirmed is being exploited in real-world assaults focusing on customers worldwide.
Key Takeaways1. Microsoft Edge 138.0.3351.65 launched July 1, 2025, with pressing safety patches.2. CVE-2025-6554 vulnerability is being exploited by cybercriminals in real-world assaults.3. Replace patches for each Chromium vulnerability (CVE-2025-6554) and Edge-specific subject (CVE-2025-49713).
Important Zero-Day Vulnerability Patched
Essentially the most vital safety repair on this replace addresses CVE-2025-6554, a vulnerability that the Chromium safety group has flagged as having lively exploits circulating within the wild.
This classification signifies that malicious actors are already leveraging this safety flaw to compromise methods, making quick patching important for all Microsoft Edge customers.
The vulnerability impacts the underlying Chromium engine that powers Microsoft Edge, doubtlessly permitting attackers to execute arbitrary code or achieve unauthorized entry to delicate person information.
Zero-day vulnerabilities like CVE-2025-6554 symbolize a number of the most harmful safety threats as a result of they’re found and exploited by attackers earlier than builders can create and distribute patches.
The truth that this vulnerability has been actively exploited underscores the urgency of making use of this safety replace instantly.
Customers who delay putting in this patch stay weak to classy assaults that would compromise their private info, company information, or system integrity.
Past the crucial Chromium vulnerability repair, Microsoft has additionally addressed CVE-2025-49713, a safety subject particular to Microsoft Edge’s implementation.
This extra patch demonstrates Microsoft’s dedication to securing each the underlying Chromium basis and its proprietary enhancements to the browser.
CVEsDescriptionImpactCVSS 3.1 ScoreCVE-2025-6554Chromium vulnerability with lively exploits within the wild, permitting potential arbitrary code executionMicrosoft Edge (variations previous to 138.0.3351.65), Chromium-based browsers8.1 (Excessive)CVE-2025-49713Microsoft Edge-specific safety vulnerabilityMicrosoft Edge (variations previous to 138.0.3351.65)8.8 (Excessive)
Replace Now
Microsoft strongly recommends that every one customers replace their Microsoft Edge browser to model 138.0.3351.65 or later instantly.
Customers can confirm their present model and set up updates by navigating to edge://settings/assist in their browser.
The replace course of is automated and requires minimal person intervention, making it accessible for customers of all technical ability ranges to guard themselves in opposition to these actively exploited vulnerabilities.
Examine reside malware habits, hint each step of an assault, and make quicker, smarter safety choices -> Attempt ANY.RUN now
