H-ISAC TLP White: Threat Bulletin: Microsoft Edge Addresses Exploited Zero-Day Vulnerability

On August 22, 2024, Microsoft released an urgent security update for Microsoft Edge to address a critical zero-day vulnerability actively exploited in the wild. The vulnerability is tracked as CVE-2024-7971. Microsoft Edge uses the Google Chrome V8 engine, which is affected by the flaw. In the case of successful exploitation, a threat actor could use this flaw for remote code execution by sending a crafted HTML page.

The flaw is undergoing active exploitation, underlining the urgency for Edge users to update their browsers as soon as possible. Timely updates, enhanced security measures, and ongoing vigilance are crucial to protecting sensitive patient data and maintaining the integrity of healthcare operations. Members are advised to apply the recommendations from the following sections.

Recommendations:

1. Immediately update the Microsoft Edge browser.
2. Train staff on keeping browsers updated and recognizing potential phishing attempts.
3. Implement strict network segmentation to limit the possibility of lateral movement.
4. Continuously monitor systems and logs for any sign of suspicious activity.
5. Review and update incident response plans to include procedures for addressing browser-based vulnerabilities and potential data breaches.
6. Review the Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients resources.