Back to The Local Vocal
The Local VocalMedium
Email
Medium riskEncountered ViaAPPLICATION 3 July 2026
RegionNew Zealand

Scammers have found a ‘back door’ in your Windows browser.

A critical zero-day vulnerability in Microsoft Edge is currently being exploited by attackers to target New Zealand organisations.

The National Cyber Security Centre (NCSC) has confirmed that attackers are actively utilising a flaw in the Microsoft Edge browser to gain remote access to Windows devices. This "zero-day" vulnerability allows malicious code to be executed if a user visits a compromised website.

Source: Microsoft Edge Security Release Notes

Technical advisory

Systems affected

Microsoft Edge (Chromium-based) versions prior to 149.0.4022.62.

How to tell if you're at risk

You are using Microsoft Edge on a Windows device and have not yet updated to the latest security patch.

How to tell if you're affected

Check your browser version by going to Settings > About Microsoft Edge. If your version is lower than 149.0.4022.62, your system is vulnerable.

Source
NCSC