Microsoft: This new browser feature is 'huge step forward' against zero-day threats

Microsoft has shown off a new measure for admins to protect web-browsing users on Chromium-based Edge from zero days, which are previously unknown software flaws. 

The latest Edge beta introduces a new browsing mode in Edge “where the security of your browser takes priority”. For admins who fear web-based attacks on desktop systems via the browser, this feature gives them the option to “mitigate unforeseen active zero days”. Enabling this mode can be configured, so that important sites and line-of-business applications “continue to work as expected,” according to Microsoft’s release notes

The security-focused Edge mode, spotted by Bleeping Computer, brings several Windows exploit mitigation technologies into play, including Hardware-enforced Stack Protection, Arbitrary Code Guard (ACG), and Control Flow Guard (CFG)

SEE: Your cybersecurity training needs improvement because hacking attacks are only getting worse

Windows 10’s ACG helps thwart web attacks that attempt to load malicious code into memory by ensuring only properly signed code can be mapped into memory.

ACG and CFG were key motivations behind Microsoft’s move last year to introduce Edge Super Duper Secure Mode, which turns off Edge’s Chromium JavaScript just-in-time (JIT) compiler to allow those exploit mitigations, as well as Intel’s Control-flow Enforcement Technology (CET), to work. The JIT

Read More: https://www.zdnet.com/article/microsoft-says-its-new-browser-feature-is-huge-step-forward-against-zero-day-threats/#ftag=RSSbaffb68