
The Local VocalMedium
Medium riskEncountered ViaAPPLICATION 3 July 2026
RegionNew Zealand
Scammers have found a ‘back door’ in your Windows browser.
A critical zero-day vulnerability in Microsoft Edge is currently being exploited by attackers to target New Zealand organisations.
The National Cyber Security Centre (NCSC) has confirmed that attackers are actively utilising a flaw in the Microsoft Edge browser to gain remote access to Windows devices. This "zero-day" vulnerability allows malicious code to be executed if a user visits a compromised website.
Technical advisory
What's this?Systems affected
Microsoft Edge (Chromium-based) versions prior to 149.0.4022.62.
How to tell if you're at risk
You are using Microsoft Edge on a Windows device and have not yet updated to the latest security patch.
How to tell if you're affected
Check your browser version by going to Settings > About Microsoft Edge. If your version is lower than 149.0.4022.62, your system is vulnerable.
Source
NCSC

