Hi,
I have Patch My PC syncing daily and an ADR in SCCM/MECM for Edge, Chrome, and FireFox to push out immediately if the severity is Important or Critical. We use Tenable to scan our assets for vulnerabilities and according to the last report we did Microsoft Edge has a 'High' vulnerability and Edge needs to be updated to a minimum of 113.0.1774.50. When I look at the Edge PMPC updates the last one that was Important or Critical was 113.0.1774.35. Everything after that is Moderate. So I guess I'm trying to find out how the severity is assessed by Patch My PC compared to Tenable. Thank you.
----
Microsoft Edge (Chromium) < 113.0.1774.50 / 112.0.1722.84 Multiple Vulnerabilities
VULNERABILITY HIGH
Hello
Sorry for the delay. We set the criteria based on a variety of things including information provided and a list of the CVEs from Chrome. AS per the Chrome Releases: Stable Channel Update for Desktop (googleblog.com)
CVE - CVE-2023-2721 (mitre.org)
AND it actually has 5 other high/important CVEs!! So, based on a variety of criteria that defines how that value is set.
Hopefully that adds further clarify here.