Nagisa

Level 1
Verified
I'm using Windows Defender with hardened settings via configure_defender. So, there is no additional 3rd party web filter, other than the malwarebytes extension and neustar DNS.

Edge has Smartscreen filter, Google Chrome has Google safe browsing. Also I guess Google is faster than Microsoft when it comes to patching vulnerebilities.

Which one would be more secure?
 

Moonhorse

Level 26
Verified
Content Creator
Theyre pretty much equal since both are running on chromium

Unless google decides to limit microsoft access on their web store somehow, when it comes into security extensions

Its just up to you wich one you like ,there is not huge gap between those two browsers in security
 

Raiden

Level 13
Verified
Content Creator
Both are based off Chromium, so security wise they are more or less equal. As it has already been stated the Edge browser has Smartscreen, which is very good. Personally with the Edge browser, you really only need an ad blocker, as Smartcreen is essentially your web filter. You could add another like Malwarebytes, Emsisoft, etc...if you feel like you need more, but IMHO Smartscreen is sufficient. If you turned on Network protection via Configure Defender, that's kind of a web filter in a way if I'm not mistaken, but Smartscreen in Edge will do the heavy lifting.

When it comes to patching, Chrome may be ever so slightly faster, but I can safely assume that Microsoft would apply those security patches very quickly, so I don't think you would be left vulnerable for very long.

both should be great honestly. the real question is will both limit adblocking or just google chrome.
From my understanding the adblocking issue pretty much applies to Chrome only, but it will become part of Chroumum, thus affecting other Chromium based browsers. Google did state however, that 3rd party browsers such as Edge can do their own thing if they want, meaning they don't have to follow Google when it comes to Manifest 3.
 
Last edited:

upnorth

Level 34
Verified
Trusted
Content Creator
Security Vulnerabilities Published In 2019.
 

Telos

Level 17
Verified
Content Creator
Edge is another way I wean myself from the Google eco-system. I can't say that Microsoft is better when it comes to privacy (I don't log into Edge), but I feel less like my personal data is marketed/abused to the extent Google employs.
 

Gandalf_The_Grey

Level 21
Verified
Security Vulnerabilities Published In 2019.
The Edge vulnerabilities are for the current Edge not for the new chromium based one.
Those would be the same as for Chrome? :unsure:
 

upnorth

Level 34
Verified
Trusted
Content Creator

Nagisa

Level 1
Verified
Thanks for your replies.
Theyre pretty much equal since both are running on chromium
Excuse me, but afaik, the microsoft edge still uses its own edgeHTML engine. I'm using the manistream browser, not the beta one.

But when the edge become fully chromium-based, would this be mean that it will has both chromium sandbox plus smartscreen features? Also I'm planning to use edge browser with hardened settings via windows exploit guard.
 

Raiden

Level 13
Verified
Content Creator
Thanks for your replies.

Excuse me, but afaik, the microsoft edge still uses its own edgeHTML engine. I'm using the manistream browser, not the beta one.

But when the edge become fully chromium-based, would this be mean that it will has both chromium sandbox plus smartscreen features? Also I'm planning to use edge browser with hardened settings via windows exploit guard.
Sorry assumed you were talking about the new Edge browser hehe. It's what I'm using and I think everyone has pretty much written off the current version in favor of the new Chromium based browser.

In terms of security Edge is pretty good, MS is pretty quick patching issues via their patch Tuesday updates. Chrome may be a little more secure as you can tweak it more and you have more addon support if needed.

As to the new Edge Chromium based browser, it has smartscreen built in like the current version and takes advantage of other security features such as sandboxing and stuff that is part of the current version. If you haven't already, I would give it a try. I use the Dev version and actually it's quite stable, I haven't had any issues whats so ever thus far. It can also use all the extension that Chrome can use as well, for the most part, so if you haven't already I would maybe try it out!


Actually, I was wondering while reading the comments, why everyone immediately assumed that you're using Chromium Edge while you didn't even mention that in your post. Everyone forgot about the original Edge :ROFLMAO:
Ya I think ever since the release of the Edge Chromium based browser everyone has pretty much written it off.:ROFLMAO:
 
Last edited:

oldschool

Level 35
Verified
Old Edge runs in its own app container and with Smartscreen is plenty safe. It provides excellent security for reading PDFs. It also has a lot less market share so you can factor in security through obscurity. No way old Edge is anything like vulnerable Internet Explorer (which amazingly some people set in their ways still use, e.g. read some posts on Wilders. :emoji_astonished:) Edge over Google because it is plenty secure and better privacy-wise. (y)
 

Marana

Level 1
For security: Edge-chromium when enabling Code Integrity Guard in Windows Defender exploit protection (only allowing Microsoft signed DLL's to load into Edge-chromium).

View attachment 215891
Hmm.... this is interesting. I did some experiments with @shmu26 's ComodoFix configuration and it seems that CFW wants msedge.exe to load Comodo's guard64.dll from Windows\system32 (which of course is not signed by Microsoft, so it will not be loaded and Windows throws an error message when starting Edge).

So apparently CFW is not compatible with Code Integrity Guard(?)

I mean that I was unable to find a way to exclude msedge.exe from CFW so that it would not try to load guard64.dll. (Or maybe I was just unable to find the correct CFW setting to apply the exclusion...)
 
  • Like
Reactions: oldschool

Windows_Security

Level 23
Verified
Trusted
Content Creator
Hmm.... this is interesting. I did some experiments with @shmu26 's ComodoFix configuration and it seems that CFW wants msedge.exe to load Comodo's guard64.dll from Windows\system32 (which of course is not signed by Microsoft, so it will not be loaded and Windows throws an error message when starting Edge).

So apparently CFW is not compatible with Code Integrity Guard(?)

I mean that I was unable to find a way to exclude msedge.exe from CFW so that it would not try to load guard64.dll. (Or maybe I was just unable to find the correct CFW setting to apply the exclusion...)
It is a strong protection and will block DLL's from third-party AV's or other exploit protection programs (e.g. dll from MBAE).
 

Spawn

Administrator
Verified
Staff member
 
  • Like
Reactions: oldschool

Marana

Level 1
It is a strong protection and will block DLL's from third-party AV's or other exploit protection programs (e.g. dll from MBAE).
Yes, indeed it is.

Actually my main point was that I was unable to configure CFW to ignore msedge.exe, i.e. avoiding to load guard64.dll to msedge. But I realize now that I'd better have posted my observation in some CFW thread to avoid drifting off-topic... :emoji_thinking:. I'll try to be more careful in the future :giggle:.
 
  • Like
Reactions: oldschool

Windows_Security

Level 23
Verified
Trusted
Content Creator
Actually the universal law of product design is not that nothing is unhackable, but nothing is perfect. Software is not perfect, because every 1000 lines of code has at least one programming error (six sigma tries to reduce that to every million lines of code). Imperfection caused by bugs make software hackable.

The Code Integrity Guard is an extra shield which block DLL's which are not Microsoft signed. Unless you think it is likely that a Microsoft Signed DLL tries to misuse a vulnability/bug in the Edge-chromium browser, this one and simple Code Integrity Guard rule makes Edge-Chromium stronger against vulnabilities than Google's Chrome.

Since Egde-chromium is build on the same code base as Chromium, only the stuff Microsoft added in the broker process is weaker than the Google Chrome broker process, since Google's programming standards, development tools and (automated) testing services have a lower error rate than Microsoft (last data, from 2015, I had was that Google had 3 tot 4 vulnabilities in every 1000 lines of code and Microsoft has 6 to 7). Despite popular claims about the bugs in M$ software this score puts them in the top-5 (of most reliable software developers).
 
Last edited:

Marana

Level 1
- - Actually my main point was that I was unable to configure CFW to ignore msedge.exe, i.e. avoiding to load guard64.dll to msedge. - -
To answer my own question, CFW can be configured to stop loading guard64.dll to msedge.exe by adding msedge in CFW > Advanced Protection > Miscellaneous > Don't detect shellcode injections in these applications.

So after all, it is possible to run COMODOFIX and enable CIG in msedge simultaneously. (y)