Microsoft beefs up Edge's security against zero-day attacks
- 23 January, 2022 20:40
In the latest release of its Edge beta, Microsoft introduced a new way for IT admins to better secure the Chromium-based browser against web-based attacks.
The release notes for Microsoft Edge Beta Channel describe the new security features as employing several techniques to guard against so-called zero-day exploits; Zero-day exploits are software or network vulnerabilities developers are unaware of, and so they’ve not been patched.
Imagine if the keylock mechanism on your home’s backdoor was faulty and jiggling the doorknob released the latch. Burglars could walk door to door looking for that particular vulnerability and jiggle doorknobs until one opened. Zero days are the same concept, but in cyberspace.
IT systems are increasingly coming under assault by new viruses, cyberwarfare, and brute-force attacks. One of the easier avenues into an organisation’s systems is through a known, but unpatched, vulnerability — especially one outside an organisation’s firewalls (i.e., an end-user’s device).
Hackers — both good and bad actors — sell zero-day exploits they discover. The good guys sell them to corporations to bolster their security; the bad guys sell them to other bad actors. For example, at the beginning of the pandemic, hackers sold software vulnerabilities discovered in the video conferencing app Zoom; one exploit was for Windows PCs, the other, for macOS systems. The hackers allegedly saw a half million-dollar payday.
Microsoft’s new Edge feature enables admins to configure certain Group Policies for end-user desktops (Windows, macOS, and Linux) to help protect against zero-day vulnerabilities. When turned on, the feature adds Hardware-enforced Stack Protection, Arbitrary Code Guard (ACG), and Content Flow Guard (CFG) as supporting security mitigations to better protect users online. The group policies include: EnhanceSecurityMode; EnhanceSecurityModeBypassListDomains; and EnhanceSecurityModeEnforceListDomains.
The update to the Edge beta also introduces a custom primary password feature. While the browser already allows users to add an authentication step before saved passwords are auto-filled in web forms (in other words, two-factor authentication), being able to creat a custom password adds yet another layer of privacy and helps prevent unauthorised users from using saved passwords to logon to websites.
Custom primary password is an evolution of that same feature, where users can now use a custom string of their choice as their primary password. After it's enabled, users will enter this password to authenticate themselves and have their saved passwords auto-filled into web forms.
Along with the new security features, other improvements include a fix for an issue where default search providers can't be removed, a small tweak to show search suggestions immediately when you click on the address bar, and the addition of Web Capture when viewing PDFs in Microsoft Edge.
Finally, Microsoft has updated its scrollbars with an overlay-based design in Edge. Users can turn this feature on in edge://flags.
Enabling this feature hides the toolbar, and prevents your scrollbar from appearing, requiring a user to hover the mouse over the edge of your window to trigger the scrollbar to appear.
Disabling it will make the toolbar automatically appear.