After announcing the “Super Duper Secure Mode” last year, the Redmond giant has now further jazzed up its browser. With Edge browser 98, Microsoft has introduced enhanced security features for the users.
Microsoft Edge Enhanced Security Features
Sharing the details in a blog post, Johnathan Norman, Microsoft Edge Vulnerability Research Lead, explained how the new Edge browser introduces enhanced security.
Briefly, the tech giant has rolled out several features in its browser, which separately control different activities.
The first of these includes introducing two new features that ensure security beyond JIT attacks. These include Control-flow Enforcement Technology (CET) and Arbitrary Code Guard (ACG). These two features will run in tandem with the Code Integrity Guard (CIG) and Control Flow Guard (CFG) features that Microsoft previously launched last year.
Regarding CET and ACG, Norman explained in the post,
These additional mitigations prevent dynamic code generation in the renderer processes and implement a separate shadow stack to protect return addresses.
The next significant update with the latest version is the introduction of Unique bypass lists. These lists would help users visit their trusted sites without disabling security features on other sites. Microsoft believes that the Unique bypass lists, tailored according to the end-users, would be difficult for an adversary to guess. Hence, it would help reduce XSS attacks.
Currently, the tech giant has introduced these features in “experimental” mode. That means users can activate them on their latest browser versions to test them.
Mac And Linux Support
In addition to the new features, Microsoft has also introduced Linux and Mac support with the latest browser version.
Starting with Microsoft Edge version 99.0.1140.0 on Linux, we added an experimental flag to emulate the ACG feature used on the Windows platform. This can be enabled from edge://flags.
“DrumBrake” Roll Out
Another update that the new Microsoft Edge brings for the users is “DrumBrake” – WASM Interpreter code.
As explained, the biggest hurdle in enabling ACG in the code render is WebAssembly (WASM), which breaks upon enabling ACG. Microsoft now addresses this issue via DrumBrake that provides a secure WASM environment to unblock common WASM use cases without JIT, which Microsoft disabled previously.
Microsoft asks all users trying these experimental features to share their feedback for further improvements.