Microsoft today detailed the new technologies they have included in the upcoming Edge browser to defend users from increasingly sophisticated and prevalent attacks. Microsoft has developed industry leading sandboxing, compiler, and memory management techniques developed in close partnership with Windows team at Microsoft. Find the highlights of the security features in Edge below,
- Microsoft Edge does more than facilitate standards compatibility and users with defenses against trickery. It also includes a major overhaul of the DOM representation in the browser’s memory, making the browser’s code more resistant to “burglar” attacks that attempt to subvert the browser.
- Microsoft Edge provides no support for VML, VB Script, Toolbars, BHOs, or ActiveX. The need for such extensions is significantly reduced by the rich capabilities of HTML5, and using HTML5 results in sites that are interoperable across browsers.
- Microsoft Edge is rebooting our browser extension model, allowing it to run its content processes in app containers, not just as a default, but all the time. Thus every Internet page that Microsoft Edge visits will be rendered inside an app container, the latest and most secure client-side app sandbox in Windows.
- Microsoft Edge is also 64-bit, not just by default, but all the time, with the exception of when run on an actual 32-bit processor. 64-bit processes in general, and browser processes in particular, get significant security advantages by making Windows ASLR (Address Space Layout Randomization) stronger.
- Microsoft SmartScreen, originally introduced in IE8, is supported in Microsoft Edge and by the Windows 10 Shell. SmartScreen defends users against phishing sites by performing a reputation check on sites the browser visits, blocking sites that are thought to be phishing sites
- Microsoft EdgeHTML helps in defending against “con man” attacks using new security features in the HTML5 standard.
Read more about it here.