Google Project Zero discovered a medium security flaw Microsoft Edge browser and immediately reported it to Microsoft in November 2017. However, Microsoft is yet to take any serious step to tackle this issue.
With this flaw, hackers could bypass Microsoft Edge’s existing security measures to inject malicious code into a victim’s computer.
Google, through its Project Zero, alerted Microsoft about a bug in November, giving the company the usual 90-day disclosure deadline. And now, the 90 days disclosure has elapsed and, the team of security analysts employed by Google tasked with finding zero-day vulnerabilities – Project Zero -went public with the details of the security flaw.
Now that bug is still there left unfixed, its advisable for you stay away from Microsoft Edge browser pending Microsoft wakes up from its slumber and work on the vulnerability.