Microsoft has been pretty aggressive in marketing its Edge browser and even launched two commercials earlier this year specifically pointing out its advantages over rival Chrome. After being silent for a while, it appears that Google finally counterattacked by disclosing Edge’s security flaw.
Google’s Project Zero, which found the vulnerability last November, h released the technical details of their discovery. Due to the existence of the flaw, it is theoretically possible for hackers to bypass Edge’s security features and insert their own malicious code into their target’s computer. While indeed a possibility, it must be noted there has been no reported instance of the problem being successfully taken advantage of by hackers so far.
#infosec #technews Google Disclosed a Microsoft Edge Zero-day Bug Before Patch is Released – 90-day Deadline Crossed https://t.co/9fi03mfNrs #CVE_vulnerability #Security_News #google #cybersecurity #tech pic.twitter.com/jueaO1xDEB
— dumbwire TechNews 💾 (@dumbwire) February 20, 2018
Google’s policy gives companies 90 days after its discovery to fix any security flaw before announcing its findings. Since the discovery was made back in November and Microsoft has yet to roll out a patch to address the problem, the Project Zero team decided to make the issue public.
Apparently, Microsoft is still working on a fix for Edge’s security issue. In a response to Google’s disclosure, Microsoft announced plans to release a patch by mid-March.
“The fix is more complex than initially anticipated, and it is very likely that we will not be able to meet the February release deadline due to these memory management issues. The team is positive that this will be ready to ship on March 13th.”
Microsoft has been trying its best to cut into Google Chrome's nearly 60 percent worldwide browser market share. Early this year, it released two ads touting the advantages of the Edge browser over its rival.
In one of the ads, Microsoft boldly claimed that Edge was 48 percent faster than Chrome. In another ad, the company tried to convince internet users that Edge was also more secure, blocking 18 percent more phishing attacks than Chrome.