In June 2025, a security vulnerability identified as CVE-2025-6557 was disclosed, highlighting insufficient data validation in the Developer Tools (DevTools) component of Google Chrome. This flaw allowed remote attackers to execute arbitrary code by convincing users to perform specific UI actions on a crafted HTML page. The vulnerability affected Chrome versions prior to 138.0.7204.49 on Windows systems.
Given that Microsoft Edge is built upon the Chromium engine—the same foundation as Google Chrome—it inherited this vulnerability. Microsoft promptly addressed the issue by integrating the necessary Chromium security updates into Edge. Users are advised to update their browsers to the latest versions to ensure protection against such vulnerabilities.
This incident underscores the importance of regular software updates and the interconnected nature of modern web browsers. By maintaining up-to-date software, users can mitigate potential security risks associated with such vulnerabilities.
Source: MSRC Security Update Guide - Microsoft Security Response Center