Microsoft Edge 149.0.4022.80 update arrives with dozens of security fixes

Just last week, we broke down the critical June security update for Google Chrome, which patched seven high-severity flaws. Now, Microsoft has stepped up to the plate. The Redmond giant has rolled out Microsoft Edge stable version 149.0.4022.80, and it is a massive release.

Edge has been my permanent desktop browser for several years now, largely because its startup speed and overall performance consistently outpace the competition in my daily workflow. I’ve just updated my own rig to this latest build, and given the sheer volume of vulnerabilities addressed, I highly recommend every Edge user follow suit immediately.

Here is a deep dive into what this update brings to the table, and why it matters.

What’s under the hood?

Because Microsoft Edge is built on the open-source Chromium engine, its security roadmap runs largely parallel to Google Chrome’s. The core vulnerabilities that threatened Chrome users last week have been fully patched in this new Edge release.

By analyzing the common vulnerabilities and exposures (CVEs) addressed in version 149.0.4022.80, it is clear that Microsoft has comprehensively merged the upstream Chromium fixes into its ecosystem. The memory safety bugs, use-after-free vulnerabilities, and out-of-bounds read errors that plagued the underlying engine are mitigated here.

However, Microsoft didn’t just copy-paste the Chromium patches. A close look at the vulnerability registry reveals an important detail. While the vast majority of the patched flaws fall within the standard Chromium tracking sequence, one specific entry stands out: CVE-2026-32208.

This unique identifier points to a Microsoft-specific vulnerability. It indicates that Microsoft’s internal security team identified and patched an exclusive spoofing flaw tied directly to Edge’s proprietary features, independent of the base Chromium code.

The complete list of patched vulnerabilities

For the security-conscious, we’ve compiled the complete list of CVEs addressed in this rollout. Note that we have removed the duplicate entries initially floating around in the patch notes for absolute clarity.

You can click on any of the links below to view the official documentation for each specific vulnerability:

The Edge-specific patch:

• CVE-2026-32208

The Upstream Chromium Patches:

• CVE-2026-12437
• CVE-2026-12439
• CVE-2026-12440
• CVE-2026-12441
• CVE-2026-12443
• CVE-2026-12445
• CVE-2026-12446
• CVE-2026-12447
• CVE-2026-12449
• CVE-2026-12451
• CVE-2026-12452
• CVE-2026-12453
• CVE-2026-12454
• CVE-2026-12455
• CVE-2026-12456
• CVE-2026-12457
• CVE-2026-12458
• CVE-2026-12459
• CVE-2026-12460
• CVE-2026-12461
• CVE-2026-12462
• CVE-2026-12463
• CVE-2026-12464
• CVE-2026-12465
• CVE-2026-12466
• CVE-2026-12467
• CVE-2026-12468

How to update Microsoft Edge right now

Browser exploits are increasingly utilizing zero-day flaws to execute arbitrary code. Leaving your browser unpatched is leaving the front door open.

To pull this update manually, click on the three-dot menu in the top right corner of Microsoft Edge, navigate to Help and feedback, and click on About Microsoft Edge. The browser will automatically check for the latest version 149.0.4022.80, download the update, and prompt you to restart. Ensure you complete the restart to apply the patches fully.

We stand out from the tech-media crowd because we break news stories; we mainly bring you stuff that you won’t find anywhere in the mainstream tech media. Our stories have been picked up by some of the world’s most popular websites and media outlets—more info is available here.