Microsoft Edge Browser Gets Security Boost - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Operating Systems
News
5/13/2015
08:05 AM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
100%
0%

Microsoft Edge Browser Gets Security Boost

The new Windows 10 browser, Microsoft Edge, is fortified with security measures to keep users safe.

Windows 10, HoloLens, Office: Microsoft Details Its Vision
Windows 10, HoloLens, Office: Microsoft Details Its Vision
(Click image for larger view and slideshow.)

Microsoft is pulling out all the stops to boost the appeal of Windows 10 to a global user audience. Most recently, these efforts have included tighter security measures for new minimalist browser, Microsoft Edge.

Edge, formerly codenamed Project Spartan, is one of the many new features arriving on desktops when Windows 10 launches this summer. The faster, more lightweight platform will replace Internet Explorer as the go-to browser for the majority of users running the new OS. Internet Explorer 11 will continue to be available for business compatibility.

Microsoft hopes to have Windows 10 on 1 billion devices within two to three years after its launch. That signifies a lot of users who could be exposed to security threats if the Edge browser has the same extent of vulnerabilities as its predecessor.

[Windows 10: Microsoft's Last Operating System?]

As a result, security has become a top priority for Microsoft Edge, as described in a May 11 blog post from Microsoft. The Edge team is implementing a series of advanced technologies to protect users from increasingly sophisticated cyberthreats.

In a major change from Internet Explorer, which was built into the Windows OS, Microsoft Edge will be available as a Universal app. This makes the browser easier to update and allows all processes to run in isolated "sandboxes" or "app containers."

Internet Explorer was affected by security vulnerabilities in the Windows OS; Edge will not be.

Edge is also changing Microsoft's browser extension model by allowing its content processes to run in app containers all the time, not just as default. This means that every Web page visited in Edge will be processed in an app container, which the team claims is "the latest and most secure client-side app sandbox in Windows."

Many hackers steal their victims' information by encouraging them to enter their usernames and passwords on the malicious duplicate of a trusted website. To protect against this strategy, Windows 10 will leverage Microsoft Passport technology. Instead of entering plain-text passwords, users will undergo a one-time authentication that unlocks their device and provides access to their accounts.

To further protect against phishing, Microsoft SmartScreen, which was introduced in Internet Explorer 8, will be used throughout Microsoft Edge and Windows 10 Shell to perform reputation checks on websites and block malicious pages.

(Image: Microsoft via Wikimedia Commons)

(Image: Microsoft via Wikimedia Commons)

As we learned back in March, Edge will feature a new rendering engine, Microsoft EdgeHTML. The technology allows Web developers to build a single site that supports all modern browsers, which opens more time to focus on security. EdgeHTML also protects against "con man" breaches with support for HTTP Strict Transport Security, which ensures safe connections to critical sites such as those for online banking.

Microsoft is migrating to a more secure extension model for Edge by leveraging the extensive capabilities in HTML5 and doing away with support for other extensions, including Toolbars, VML, ActiveX, VB Script, and BHOs. It's working on a more modern extension model rooted in HTML and JavaScript.

These are just a few of many security measures that Microsoft is working into its Edge browser.

Despite the advancements it has made so far, the team has acknowledged that there will be security holes missed. In an effort to catch these, Microsoft has launched a Windows 10 Technical Preview Bug Bounty Program. Through the program, security researchers can test and report vulnerabilities before Edge reaches the public.

The news pertaining to Microsoft Edge security is the latest in a long series of announcements pertaining to Windows 10. In other security news, we learned last week that Microsoft's Patch Tuesday is on its way out. The event will be replaced with Windows Update for Business in Windows 10.

[Did you miss any of the InformationWeek conference in Las Vegas last month? Don't worry: We have you covered. Check out what our speakers had to say and see tweets from the show. Let's keep the conversation going.]

 

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
5/13/2015 | 6:40:30 PM
Security must be part of the design, not added on Patch Tuesday
Edge won't repeat the mistakes of Explorer, and besides, it has the examples of Mozilla and Chrome to guide it. Explorer wasn't designed to be secure. It was designed to out-feature Netscape Navigator, which it did, winning one battle, only to lose the long term war. Microsoft has learned a lesson, and in the process taught us all about the merits of security as part of the original design.
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Slideshows
10 Things Your Artificial Intelligence Initiative Needs to Succeed
Lisa Morgan, Freelance Writer,  4/20/2021
News
Tech Spending Climbs as Digital Business Initiatives Grow
Jessica Davis, Senior Editor, Enterprise Apps,  4/22/2021
Commentary
Optimizing the CIO and CFO Relationship
Mary E. Shacklett, Mary E. Shacklett,  4/13/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll