Microsoft Edge Sandboxing: Did you know about this feature?

  • Total voters
    25
D

Deleted member 178

In a recent post, we outlined the layered strategy that the Microsoft Edge security team employs to protect you from vulnerabilities that could be used to compromise your device or personal data. In particular, we showed how Microsoft Edge is leveraging technologies like Code Integrity Guard (CIG) and Arbitrary Code Guard (ACG) to break some of the techniques that hackers rely on when exploiting vulnerabilities to obtain Remote Code Execution (RCE). This is where the attacker seeks to escape from web code (JS and HTML) in the browser to run native CPU code of the attacker’s choosing. This lets the attacker violate all of the browser’s rules for the web, such as same-origin policy, and so it is important to web users that we try as hard as possible to block RCE attacks.

However, despite our best efforts, sometimes attackers get RCE anyway. In this post, we’ll explore some of the significant improvements we’ve made in the Windows 10 Creators Update to strengthen our next line of defense: the Microsoft Edge sandbox.
Must be read article to grasp what is Appcontainer in Edge.
 

Amelith Nargothrond

Level 12
Verified
NSS Labs Findings

  • Microsoft Edge provided the highest SEM protection in the test, blocking as much as 99.0% of SEM and matching several endpoint protection (EPP) products that have been tested by NSS for SEM protection.
  • Both Microsoft’s App Rep and Google’s Download Protection are content-agnostic malware protection (CAMP) technologies.
  • Mozilla Firefox has begun incorporating download protection into the web browser, which is why its block rate has improved compared to its performance in previous NSS browser tests.