Microsoft Edge Gains New Security Modes


Microsoft Edge: Without much fanfare, as befits security concerns, Microsoft has added to its Edge browser a new feature to keep its users safe: Super Duper Secure Mode, described as “a browsing mode in Microsoft Edge where your browser’s security takes precedence, providing an extra layer of protection when browsing the web.”

Tested by the Edge Vulnerability Research team since August, the powerful security feature will be available to all users who update their Microsoft browser to stable version 96.0.1054.29 or later. After the update, Balanced and Strict modes will be available, according to the security level desired by the user.

Announced by Research Leader Johnathan Norman on his Twitter account on Monday (22), Super Duper had its two modes (partially) explained as: “Balanced learns which sites you use often and trust on them Strict is good… strict 🙂 Users can now add their own exceptions. Still working in WASM [WebAssembly]”.

How does Microsoft Edge’s Super Duper Secure Mode work?

To make the Edge browser more secure, Super Duper Secure mode disables JIT (Just-in-Time) compilation of Java Script, which is considered to be the gateway to nearly 45% of all CVEs (Common Vulnerabilities and Exposures). ). At the same time, the new security engine activates the Control-flow Enforcement Technology (CET), an exploit mitigation system based on Intel’s hardware to protect PCs from malware.

In practice, the suspension of the JIT causes the attack surface to be greatly reduced. “This reduction” – explains Norman – “kills half of the bugs we see in exploits and every remaining bug becomes more difficult to exploit. In other words, we reduce costs for users, but increase costs for attackers,” he joked.