Security Baseline Review for Microsoft Edge version 134 now available



 Microsoft Security Baselines Blog:

We have reviewed the new settings in Microsoft Edge version 134 and determined that there are no additional security settings that require enforcement. The Microsoft Edge version 128 security baseline continues to be our recommended configuration which can be downloaded from the Microsoft Security Compliance Toolkit.

Microsoft Edge version 134 introduced 12 new Computer and User settings and we have included a spreadsheet listing the new settings to make it easier for you to find.

There are however two settings we would like to highlight

Configure Edge Scareware Blocker Protection

This is an important new feature for combatting the most prevalent social-engineering attacks on the web. While we are not ready to enforce this setting yet, organizations should consider its impact and determine if it is right for their environments. In a future baseline, this will be set to a value of Enabled. Additional details can be found here.

JavaScript optimization settings

These v8 JavaScript engine policies (located under Microsoft Edge\Content settings) control whether Edge will perform JIT-compilation of JavaScript code on websites. Disabling JIT-compilation improves security against many memory-safety vulnerabilities but can slow website performance on script-heavy sites.

These policies control only JavaScript compilation and do not impact Web Assembly (WASM) compilation, which remains enabled by default unless Edge’s Enhanced Security Mode (ESM) is in use.

Disabling the optimizer disables the two JIT optimizing compilers (Maglev and Turbofan) but WASM can continue to use JIT compiler (LiftOff). The disablement of these two compilers reduces the browser’s attack surface significantly.

These policies are an addition to the existing ESM policies. If the Enterprise has set the ESM policies, then ESM policy takes precedence over V8 optimizer disablement.

As a friendly reminder, all available settings for Microsoft Edge are documented here, and all available settings for Microsoft Edge Update are documented here.

Please continue to give us feedback through the Security Baselines Discussion site.


 Source:

techcommunity.microsoft.com

Security Review for Microsoft Edge version 134 | Microsoft Community Hub

We have reviewed the new settings in Microsoft Edge version 134 and determined that there are no additional security settings that require enforcement. The...
techcommunity.microsoft.com techcommunity.microsoft.com
 
Click to expand...
You must log in or register to reply here.

Similar threads

  • Article Article
Security Baseline Review for Microsoft Edge version 133 now available
Replies
0
Views
184
Brink
Brink
  • Article Article
Security Baseline Review for Microsoft Edge version 132 now available
Replies
0
Views
156
Brink
Brink
  • Article Article
Security Baseline for Microsoft Edge version 131 now available
Replies
0
Views
324
Brink
Brink
  • Article Article
Security Baseline for Microsoft Edge version 130 now available
Replies
0
Views
327
Brink
Brink
  • Article Article
Security Baseline for Microsoft Edge version 129 now available
Replies
0
Views
411
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom