CVE-2026-11629: Use-After-Free in Chromium Ozone & Edge
🟠 High | Source: Microsoft Security Response Center A use-after-free vulnerability (CVE-2026-11629) has been identified in the Ozone windowing framework within the Chromium engine. Microsoft Edge, being Chromium-based, is affected and has ingested the fix from Google Chrome. Use-after-free flaws can allow attackers to execute arbitrary code by manipulating freed memory, potentially compromising the browser and the underlying system. Security Architect’s Take: Ensure Microsoft Edge is updated to the latest Chromium-based release across all managed endpoints and virtual desktop environments, including Azure Virtual Desktop. Prioritise patching for any users accessing sensitive cloud consoles or internal tooling via Edge. ...