Microsoft Edge version 122.0.2365.52 – 23 Feb 2024

This content has been archived. But, the content is true and relevant to the underlying technology products or infrastructure services.

Microsoft released an upgrade for the Edge browser on 23 February 2024. The latest stable version of Microsoft Edge is 122.0.2365.52. This is the first release in build 122 of the Microsoft Edge browser.

We are now on build 122 of the Microsoft Edge browser.

  • Microsoft Edge stable channel version 122.0.2365.52 supersedes stable channel version 121.0.2277.128. The last update on the Edge browser took place on 15 February 2024.
  • Edge version 122.0.2365.52 corresponds to the latest Chrome version 122.0.6261.57. Chrome was updated on 20 February 2024.
  • Chromium vulnerabilities – There have been 12 security fixes in the Edge version 122.0.2365.52 update for Windows. 8 of these security vulnerabilities are detected by external researchers. These vulnerabilities are listed below.
  • Microsoft vulnerabilities – There have been 3 security fixes in Edge version 122.0.2365.52 that are specific to Microsoft. These vulnerabilities are shared below.
  • The latest update also contains 4 feature updates for the Edge browser.
  • There are 6 new policies and one policy becomes obsolete in Edge version 122.0.2365.52.
  • The current update also addresses two issues related to PDF files in the Edge browser.

The current update for Edge for Windows 122.0.2365.52 contains fixes that are specific to the Chromium project and Microsoft threats.

Edge version 122.0.2365.52 has a fix for 12 security vulnerabilities in the Chromium project. Eight of these vulnerabilities have been uncovered by external researchers. We have shared these below.

  • 2 of these have a HIGH severity
  • 4 are MEDIUM severity vulnerabilities
  • 2 are LOW severity vulnerabilities
CVE detailsSeverityVulnerability details
CVE-2024-1669HIGHOut of bounds memory access in Blink
CVE-2024-1670HIGHUse after free in Mojo
CVE-2024-1671MEDIUMInappropriate implementation in Site Isolation
CVE-2024-1672MEDIUMInappropriate implementation in Content Security Policy
CVE-2024-1673MEDIUMUse after free in Accessibility
CVE-2024-1674MEDIUMInappropriate implementation in Navigation
CVE-2024-1675LOWInsufficient policy enforcement in Download
CVE-2024-1676LOWInappropriate implementation in Navigation.

There are 3 vulnerabilities that are specific to Microsoft. These have been address in Edge version 122.0.2365.52. We have listed these 3 vulnerabilities below.

CVE detailsCVSS scoreSeverityComments
CVE-2024-261928.2IMPORTANTThis vulnerability could lead to a browser sandbox escape.
CVE-2024-214234.8LOWThe attacker who successfully exploited the vulnerability could have limited ability to perform code execution. Exploitation of this vulnerability only discloses limited information, no sensitive information can be obtained.
CVE-2024-261884.3LOWAn attacker who successfully exploited this vulnerability could use it to cover and spoof elements of the UI. The modified information is only visual.

Microsoft Edge version 122.0.2365.52 resolves the following issues in the browser engine:

  • Resolved an issue where PDF text fields and drop down values were being rendered twice for specific files when using the Microsoft Edge built-in PDF reader powered by Adobe Acrobat.
  • Resolved an issue where printing certain PDF files in landscape mode with the ‘fit to printable area’ option resulted in incorrect printing.

The following features have been updated in Edge 122.0.2365.52:

  • Moving Managed Site Indicator (Briefcase icon) into the lock icon in the address bar omnibox. The briefcase icon which signals that a page is managed via admin policies, has been moved into the lock icon in the address bar. End users can view details about the protections for a given page by clicking the lock icon in the address bar and then clicking the briefcase icon. For more information, see Understand Data loss Prevention in Microsoft Edge.
  • Deprecation of the image enhancement feature. To improve end user experience, the image enhancement feature is deprecated.
  • Configure recommended policies in the Microsoft Edge management service. The Microsoft Edge management service now provides admins with the ability to set recommended policies. This gives end users permission to override their admin’s policy configuration.
  • Microsoft Edge has rebranded Web Capture to “Screenshot”. Microsoft Edge changed the branding for Web Capture with an icon change and renamed the feature to “Screenshot”. Users can easily use content from the web by taking a screenshot of a full page or a selected area. They can mark up the screenshot they took with a pen or touch later. Administrators can control availability using the WebCaptureEnabled policy. For more information, see Screenshot (microsoft.com).

The following new policy updates are applicable for the Edge version 122.0.2365.52:-

The following policy became obsolete:

The following was modified:

  • DiagnosticData – Send required and optional diagnostic data about browser usage. Supported on Windows since Stable 122 or later.

The latest version of Microsoft Edge 122.0.2365.52 can be installed automatically. For this, you can close the browser and open it again. This should force Edge to pull the latest updated version.

Edge can also be updated manually. You can download the offline installer file for Microsoft Edge from the Microsoft Update Catalog site.

The direct download links for Edge version 122.0.2365.52 are shared below:

You can check the Microsoft Edge version installed on your system by following the instructions below:

  1. In your Microsoft Edge browser, click on the 3 dots (…) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge
  4. This should give you the Microsoft Edge version on the system

The current update is being rolled out to the eligible systems.

If you restart the Microsoft Edge browser, your browser should automatically pick the latest version x from the Microsoft Servers.

The following cumulative updates for January 2024 are available:

Rajesh Dhawan

Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.