Microsoft has unveiled a new optional security feature for its Edge browser, aiming to provide tighter security measures for users accessing unknown sites.
The “Enhanced security mode” bolsters defense against memory-linked vulnerabilities by deactivating the just-in-time (JIT) JavaScript compilation. Simultaneously, it launches extra OS-based browser protections, like the arbitrary code guard and hardware-backed stack protection, Microsoft explains.
These adjustments establish a “multi-layered defense” approach, complicating the exploitation of undetected vulnerabilities by malevolent sites aiming to insert executable code into memory.
According to Microsoft, while offering a dynamic browsing experience using tools like JavaScript is beneficial, it also escalates the risks tied to harmful sites. “The enhanced security mode in Microsoft Edge minimizes attack risks by auto-applying rigorous security protocols for unknown sites, adjusting as users’ browsing habits evolve,” the tech giant stated.
Setting a Benchmark At present, neither Chrome nor Firefox provide similar functions, though users can choose to deactivate certain features, including JIT.
Apple, on the other hand, recently unveiled “Lockdown Mode” for Safari. This new feature, meant to defend users from concentrated cyber-threats, also deactivates JIT and other advanced web technologies unless a site is deemed trustworthy. This security measure primarily aims to shield individuals like journalists, activists, and politicians from malicious software.
Microsoft’s Edge security division shared insights from their trials with this feature in August 2021 and February 2022.
Introduced in the Microsoft Edge version 104, which launched on August 5, this feature remains inactive by default and offers three operational modes.
The recommended ‘basic’ setting offers “augmented security for less frequented sites” while ensuring an undisturbed experience for commonly accessed sites, Microsoft clarified.
Unlike the basic mode, the ‘balanced’ mode is more dynamic, adjusting based on users’ site interactions and Microsoft’s risk assessment across the web. It allows familiar sites full web access while restricting new and unknown sites.
The ‘strict’ mode offers intensified protection across all sites but may not be suitable for the average user due to the extra setup necessary to maintain their usual activities.
For each mode, users have the option to whitelist trusted sites, and corporate administrators have the flexibility to curate ‘allow’ and ‘deny’ site lists.
Currently, the feature does not support sites using WebAssembly (WASM). Those requiring WASM can be whitelisted.
When the enhanced security mode is active for a specific site, users will see an ‘added security’ notification in the URL navigation bar.
Secure Your Digital World with NY TriTech!
In today’s interconnected world, the threats are real and evolving. Whether it’s from a cyber-attack, data breach, or other vulnerabilities, your security can never be too robust. This is where NY TriTech steps in.
Our mission? To be the guardian of your digital domain. We’re committed to shielding our clients from potential threats, ensuring that their operations run smoothly and securely. With our state-of-the-art tools, expert team, and proactive approach, you can trust us to keep the digital part of your world safe and sound.
🔒 Why choose NY TriTech?
- Experience: Years of expertise means we know what threats to look for and how to counteract them.
- Innovation: We’re always updating our methods to tackle the latest challenges head-on.
- Commitment: Your safety is our utmost priority. Every client is a partner, and we’re dedicated to your protection.
📢 Act Now! Don’t wait for a threat to manifest. Partner with NY TriTech today and fortify your defenses. Because in a world full of uncertainties, being prepared isn’t just a choice; it’s a necessity.
Contact us now and let NY TriTech be your trusted shield in the digital age. Because your safety isn’t just our business – it’s our promise. 🛡️🌐
