Microsoft Edge Browser Gets Security Boost - InformationWeek
IoT
IoT
Software // Operating Systems
News
5/13/2015
08:05 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%
RELATED EVENTS
Moving UEBA Beyond the Ground Floor
Sep 20, 2017
This webinar will provide the details you need about UEBA so you can make the decisions on how bes ...Read More>>

Microsoft Edge Browser Gets Security Boost

The new Windows 10 browser, Microsoft Edge, is fortified with security measures to keep users safe.

Windows 10, HoloLens, Office: Microsoft Details Its Vision
Windows 10, HoloLens, Office: Microsoft Details Its Vision
(Click image for larger view and slideshow.)

Microsoft is pulling out all the stops to boost the appeal of Windows 10 to a global user audience. Most recently, these efforts have included tighter security measures for new minimalist browser, Microsoft Edge.

Edge, formerly codenamed Project Spartan, is one of the many new features arriving on desktops when Windows 10 launches this summer. The faster, more lightweight platform will replace Internet Explorer as the go-to browser for the majority of users running the new OS. Internet Explorer 11 will continue to be available for business compatibility.

Microsoft hopes to have Windows 10 on 1 billion devices within two to three years after its launch. That signifies a lot of users who could be exposed to security threats if the Edge browser has the same extent of vulnerabilities as its predecessor.

[Windows 10: Microsoft's Last Operating System?]

As a result, security has become a top priority for Microsoft Edge, as described in a May 11 blog post from Microsoft. The Edge team is implementing a series of advanced technologies to protect users from increasingly sophisticated cyberthreats.

In a major change from Internet Explorer, which was built into the Windows OS, Microsoft Edge will be available as a Universal app. This makes the browser easier to update and allows all processes to run in isolated "sandboxes" or "app containers."

Internet Explorer was affected by security vulnerabilities in the Windows OS; Edge will not be.

Edge is also changing Microsoft's browser extension model by allowing its content processes to run in app containers all the time, not just as default. This means that every Web page visited in Edge will be processed in an app container, which the team claims is "the latest and most secure client-side app sandbox in Windows."

Many hackers steal their victims' information by encouraging them to enter their usernames and passwords on the malicious duplicate of a trusted website. To protect against this strategy, Windows 10 will leverage Microsoft Passport technology. Instead of entering plain-text passwords, users will undergo a one-time authentication that unlocks their device and provides access to their accounts.

To further protect against phishing, Microsoft SmartScreen, which was introduced in Internet Explorer 8, will be used throughout Microsoft Edge and Windows 10 Shell to perform reputation checks on websites and block malicious pages.

(Image: Microsoft via Wikimedia Commons)

(Image: Microsoft via Wikimedia Commons)

As we learned back in March, Edge will feature a new rendering engine, Microsoft EdgeHTML. The technology allows Web developers to build a single site that supports all modern browsers, which opens more time to focus on security. EdgeHTML also protects against "con man" breaches with support for HTTP Strict Transport Security, which ensures safe connections to critical sites such as those for online banking.

Microsoft is migrating to a more secure extension model for Edge by leveraging the extensive capabilities in HTML5 and doing away with support for other extensions, including Toolbars, VML, ActiveX, VB Script, and BHOs. It's working on a more modern extension model rooted in HTML and JavaScript.

These are just a few of many security measures that Microsoft is working into its Edge browser.

Despite the advancements it has made so far, the team has acknowledged that there will be security holes missed. In an effort to catch these, Microsoft has launched a Windows 10 Technical Preview Bug Bounty Program. Through the program, security researchers can test and report vulnerabilities before Edge reaches the public.

The news pertaining to Microsoft Edge security is the latest in a long series of announcements pertaining to Windows 10. In other security news, we learned last week that Microsoft's Patch Tuesday is on its way out. The event will be replaced with Windows Update for Business in Windows 10.

[Did you miss any of the InformationWeek conference in Las Vegas last month? Don't worry: We have you covered. Check out what our speakers had to say and see tweets from the show. Let's keep the conversation going.]

 

 

Kelly Sheridan is Associate Editor at Dark Reading. She started her career in business tech journalism at Insurance & Technology and most recently reported for InformationWeek, where she covered Microsoft and business IT. Sheridan earned her BA at Villanova University. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Gigi3
100%
0%
Gigi3,
User Rank: Ninja
1/15/2016 | 3:43:51 AM
Re: Windows Security

"It will be interesting to see if MS can keep itself from introducing yet another name to it's software tree. I was looking forward to Windows 12, but you think it won't happen ?"

Technocrati, may be difficult for releasing the same product with other name. I heard that MS plan is to  increase the version number on each year rather than releasing windows with year.

Technocrati
50%
50%
Technocrati,
User Rank: Ninja
1/12/2016 | 1:14:06 PM
Re: Windows Security

@Whoopty    I agree.   MS is trying to shake the IE's of the past and a name change was the first step in that direction.   It is good to see the focus on security. 

You cannot have a browser tied into the OS, that is a security risk.

Technocrati
50%
50%
Technocrati,
User Rank: Ninja
1/12/2016 | 1:09:59 PM
Re: Windows Security

"....hereafter MS is not going to release any new version of Windows.  They will keep the name as such "Windows 10" and periodically releases patches for upgradation."

 

@Gigi3    It will be interesting to see if MS can keep itself from introducing yet another name to it's software tree.   

I was looking forward to Windows 12, but you think it won't happen ?

Gigi3
100%
0%
Gigi3,
User Rank: Ninja
6/1/2015 | 11:38:14 PM
Re: Windows Security
"I think the vulnerability of IE was very much because it was blended and coupled with the base OS and windows was already facing challenges in making it a secure product. Other than securing the OS, decoupling the browser with its base can also have some positive impact on the security."

Nomii, as you said decoupling the browser is a good option; Microsoft might try it in a long back itself. So I won't think that's a feasible solution. Am dam sure that, if anything could possible, they might try it at the preliminary stage itself.
Gigi3
100%
0%
Gigi3,
User Rank: Ninja
6/1/2015 | 11:34:27 PM
Re: Windows Security
"yes the number of IE users has declined over the year. I will not blame security as the sole reason for this decline as most of the users who have shifted to other browsers have never been hacked. I think the usability and upgrades were the second best reason user started looking for other options."

Nomii, I mean security as one of the reason. There may be other reasons too as you mentioned.
nomii
50%
50%
nomii,
User Rank: Ninja
5/21/2015 | 5:15:54 AM
Re: Windows Security
@Gigi3: yes the number of IE users has declined over the year. I will not blame security as the sole reason for this decline as most of the users who have shifted to other browsers have never been hacked. I think the usability and upgrades were the second best reason user started looking for other options.
nomii
50%
50%
nomii,
User Rank: Ninja
5/21/2015 | 5:15:20 AM
Re: Windows Security
@Whoopty: I think the vulnerability of IE was very much because it was blended and coupled with the base OS and windows was already facing challenges in making it a secure product. Other than securing the OS, decoupling the browser with its base can also have some positive impact on the security.
Gigi3
100%
0%
Gigi3,
User Rank: Ninja
5/18/2015 | 12:50:47 AM
Re: Windows Security
"Security is one of the areas where Microsoft's Internet Explorer fell down a lot. While it was always likely to be the biggest target for hackers and malware writers because of its bundling with Windows, it's reputation as being quite unsafe was well deserved."

Whoopty, you are right. I think that's the one reason most of the users using either Firefox or chrome. I havn't used IE for last 2-3 years.
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
5/14/2015 | 7:56:00 AM
Re: Windows Security
Security is one of the areas where Microsoft's Internet Explorer fell down a lot. While it was always likely to be the biggest target for hackers and malware writers because of its bundling with Windows, it's reputation as being quite unsafe was well deserved.

I think this is one of the big reasons it dropped the IE branding for this new browser system. 
Gigi3
100%
0%
Gigi3,
User Rank: Ninja
5/14/2015 | 3:37:34 AM
Windows Security
"Microsoft is pulling out all the stops to boost the appeal of Windows 10 to a global user audience. Most recently, these efforts have included tighter security measures for new minimalist browser, Microsoft Edge."

Kelly, security is a major concern and buzz ward in networking and internet browsing. So MS is trying to address such concerns and it may help to build a customer trust factor. Another factor is, hereafter MS is not going to release any new version of Windows.  They will keep the name as such "Windows 10" and periodically releases patches for upgradation.
Page 1 / 2   >   >>
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll