Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Microsoft Adds Virtualization-based Security to Edge Browser

At its 2016 Ignite conference in Atlanta this week, Microsoft announced improved security for its Edge browser in the form of Windows Defender Application Guard, a tool that leverages virtualization-based security technology for user protection.

At its 2016 Ignite conference in Atlanta this week, Microsoft announced improved security for its Edge browser in the form of Windows Defender Application Guard, a tool that leverages virtualization-based security technology for user protection.

The new Application Guard is yet another step Microsoft has taken towards improving the overall security of Windows 10 systems, following features such as Windows Information Protection (WIP) and signed kernel mode drivers. To boost user security, Microsoft disabled RC4 in Edge and Internet Explorer 11 earlier this year.

With browsers being one of the main attack vectors for cybercriminals, it doesn’t come as a surprise that Microsoft is focused on improving Edge’s security. After all, Mozilla and Google do the same for Firefox and Chrome, which receive numerous patches and security enhancements from one major release to another.

According to Microsoft, Edge has the “lowest number of vulnerabilities of any major browser on Windows,” yet that doesn’t mean the browser is without flaws. In fact, the tech giant itself admits that “any vulnerability in the browser is a risk for businesses that must protect their networks and data from increasingly sophisticated and targeted threats.”

Leveraging virtualization-based security technology, Windows Defender Application Guard is meant to offer protection against advanced attacks coming from the Internet, Microsoft’s Yusuf Mehdi, Corporate Vice President, Windows and Devices Group, explains. The new tool, Mehdi says, was designed to boost the security of enterprise’s devices, employees, data and even corporate networks.

“This level of protection has never been more important, as the majority of attacks start in the browser,” Mehdi says.

Application Guard ensures that the browser and employee activity is isolated using a hardware-based container, which should prevent malicious code from affecting the system and even the enterprise network. According to Mehdi, this type of security is expected to provide the necessary protection against malware, viruses, vulnerabilities, and even zero-day attacks.

“Once enabled, enterprise administrators can configure a trusted network site list policy and distribute the group policy to any devices it wishes to protect with Application Guard. Even if an untrusted site successfully loads malware, the malware is unable to reach beyond the isolated container to steal data or permanently compromise devices or the network. Once the employee exits their Microsoft Edge browsing session, any malware is erased, preventing further attacks,” Mehdi explains.

Advertisement. Scroll to continue reading.

In Microsoft’s opinion, Application Guard will turn Edge into the browser standard for the enterprise, while making Windows 10 the first operating system to include this type of protection alongside a browser. The feature, Mehdi says, is set to become available to Windows Insiders in the coming months, while expected to roll out more broadly next year.

Also this week at its Ignite conference, Microsoft announced a new Azure-based software fuzz testing service. Called Project Springfield, the service is based around its own internal Scalable, Automated, Guided Execution (SAGE) testing tool. 

Related: Windows 10 Devices to Allow Sign in With Face, Iris

Related: Microsoft EMET Adds Windows 10 Compatibility

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Endpoint Security

Gigabyte has announced BIOS updates that remove a recently identified backdoor feature in hundreds of its motherboards.

Endpoint Security

Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Endpoint Security

The Zero Day Dilemma

Endpoint Security

When establishing visibility and security controls across endpoints, security professionals need to understand that each endpoint bears some or all responsibility for its own...