Microsoft beefs up Edge’s security against zero-day attacks

In the latest release of its Edge beta, Microsoft introduced a new way for IT admins to better secure the Chromium-based browser against web-based attacks.

The release notes for Microsoft Edge Beta Channel describe the new security features as employing several techniques to guard against so-called zero-day exploits. Zero-day exploits target software or network vulnerabilities that developers are unaware of, and so have not patched.

Imagine if the lock mechanism on your home’s back door was faulty and jiggling the doorknob released the latch. Burglars could walk door to door looking for that particular vulnerability and jiggle doorknobs until one opened. Zero days are the same concept, but in cyberspace.

IT systems are increasingly coming under assault by new viruses, cyberwarfare, and brute-force attacks. One of the easier avenues into an organization’s systems is through an unknown, and unpatched, vulnerability — especially one outside an organization’s firewalls (i.e., an end-user’s device). The obvious problem with zero-day exploits is they’re hard to catch when developers and security admins don’t know what to look for, according to Jack Gold, principal analyst at J. Gold Associates.

Hackers — both good and bad actors — sell zero-day exploits they discover. The good guys sell them to corporations to bolster their security; the bad guys sell them to other bad actors. For example, at the beginning of the pandemic, hackers sold software vulnerabilities discovered in the video conferencing app Zoom; one exploit was for Windows PCs, the other for macOS systems. The hackers allegedly saw a half-million-dollar payday.

Microsoft’s new Edge feature enables admins to configure certain Group Policies for end-user desktops (Windows, macOS, and Linux) to help protect against zero-day vulnerabilities. When turned on, the feature adds Hardware-enforced Stack Protection, Arbitrary Code Guard (ACG), and Control Flow Guard (CFG) as supporting security mitigations to better protect users online. The group policies are EnhanceSecurityMode, EnhanceSecurityModeBypassListDomains, and EnhanceSecurityModeEnforceListDomains.

Copyright © 2022 IDG Communications, Inc.