CVE-2026-11630: Use-After-Free Flaw in Microsoft Edge
🟠 High | Source: Microsoft Security Response Center A use-after-free vulnerability (CVE-2026-11630) has been identified in the File Input component of Chromium, the open-source browser engine underpinning Microsoft Edge. Use-after-free flaws occur when a programme continues to reference memory after it has been freed, potentially allowing an attacker to execute arbitrary code. Microsoft Edge users and enterprise deployments are affected until the Chromium-based patch is applied. Security Architect’s Take: Ensure Microsoft Edge is updated to the latest Chromium-based release across all managed endpoints and virtual desktop environments, including any Azure Virtual Desktop or Windows 365 deployments. Prioritise enforcement via Intune or Group Policy, and review browser auto-update policies to confirm they are active. ...