Microsoft strengthens Edge’s security against zero-day attacks


In the latest version of its Edge beta, Microsoft has introduced a new way for IT admins to better secure the Chromium-based browser against web attacks.

The Microsoft Edge Beta Channel release notes describe the new security features as employing several techniques to guard against so-called zero-day exploits; Zero-day exploits are software or network vulnerabilities that developers are unaware of and therefore have not been patched.

Imagine if the backdoor locking mechanism in your home was faulty and shaking the doorknob released the latch. Burglars could go door to door looking for that particular vulnerability and shaking doorknobs until one opened. Zero days are the same concept, but in cyberspace.

Computer systems are increasingly under attack from new viruses, cyber warfare and brute force attacks. One of the easiest ways to gain access to an organization’s systems is through an unknown, unpatched vulnerability, especially a vulnerability outside of an organization’s firewalls (i.e., the end-user device). According to Jack Gold, principal analyst at J. Gold Associates, the obvious problem with zero-day exploits is that they are difficult to detect when developers and security administrators don’t know what to look for.

Hackers, whether good or bad, sell the zero-day exploits they discover. The good guys sell them to companies to boost their security; the bad guys sell them to other bad actors. For example, at the start of the pandemic, hackers sold software vulnerabilities discovered in the Zoom video conferencing application; one exploit was for Windows PCs, the other for macOS systems. Hackers reportedly saw a salary of half a million dollars.

Microsoft’s new Edge feature allows administrators to configure certain group policies for end-user desktops (Windows, macOS, and Linux) to protect against zero-day vulnerabilities. When enabled, the feature adds hardware-enforced stack protection, Arbitrary Code Guard (ACG), and Content Flow Guard (CFG) as support for security mitigations to better protect online users. Group policies include: EnhanceSecurityMode; EnhanceSecurityModeBypassListDomains; and EnhanceSecurityModeEnforceListDomains.

“So the surest way to protect browsing is to prevent the browser from interacting with other parts of the machine,” Gold said. “Basically, the safest way to do this is to put the browser in a ‘vault’ where all browser code remains locked in a virtual section of the machine and can’t go anywhere else. It’s basically a policy of containment. What Microsoft is trying to do with the new Edge features is to ensure that anything in the browser cannot interact with apps and/or modify the system. exploitation.”

Stack protection and protection against arbitrary code, Gold explained, prevents any zero-day exploits that have a way out of the browser to the machine. Content tracking is similar in that it prevents interaction with and support for applications (for example, opening an infected document in Word).

“So that’s a big deal,” Gold said. “There are many examples of machines being infected with malware by browsing to the wrong site. Anything to prevent this is good.”

Conversely, setting policies also means that certain sites that legitimately need to access other applications on an end user’s device and/or access parts of the operating system will not be able to do so. do, Gold said. While this may be fine for occasional Internet browsing, the biggest challenge is that if set this way, some internal browser-based applications may not work (for example, pop-up screens to fill in information or get a status).

“So, as with any security technology, there are pros and cons to shutting down specific features. little inconvenience,” said the gold.

There are already other third-party browser implementations that have offered similar “isolated execution” functionality for some time; Edge is now catching up, Gold said.

The Edge beta update also introduces a custom master password feature. While the browser already allows users to add an authentication step before saved passwords are auto-filled into web forms (in other words, two-factor authentication), the ability to create a custom password adds yet another layer of privacy and helps prevent unauthorized users from using saved passwords to log into websites.

Custom Master Password is an evolution of this same feature, where users can now use a custom string of their choice as their master password. Once enabled, users will enter this password to authenticate and their saved passwords will be auto-populated in web forms.

Along with new security features, other improvements include a fix for an issue where default search engines cannot be removed, a small tweak to show search suggestions immediately when you click on the address bar, and the addition of Web Capture when viewing PDFs. in Microsoft Edge.

Finally, Microsoft updated its scrollbars with an overlay-based design in Edge. Users can enable this feature in edge://flags.

Enabling this feature hides the toolbar and prevents your scrollbar from appearing, requiring the user to hover the mouse over the edge of your window to trigger the scrollbar to appear.

If you disable it, the toolbar will appear automatically.

Copyright © 2022 IDG Communications, Inc.

Previous LiquidityBook Hires New Buy-Side Sales Manager
Next US charges 4 Belarusian officials with air piracy for hijacking Ryanair flight