Security Experts:

Microsoft Adds Virtualization-based Security to Edge Browser

At its 2016 Ignite conference in Atlanta this week, Microsoft announced improved security for its Edge browser in the form of Windows Defender Application Guard, a tool that leverages virtualization-based security technology for user protection.

The new Application Guard is yet another step Microsoft has taken towards improving the overall security of Windows 10 systems, following features such as Windows Information Protection (WIP) and signed kernel mode drivers. To boost user security, Microsoft disabled RC4 in Edge and Internet Explorer 11 earlier this year.

With browsers being one of the main attack vectors for cybercriminals, it doesn’t come as a surprise that Microsoft is focused on improving Edge’s security. After all, Mozilla and Google do the same for Firefox and Chrome, which receive numerous patches and security enhancements from one major release to another.

According to Microsoft, Edge has the “lowest number of vulnerabilities of any major browser on Windows,” yet that doesn’t mean the browser is without flaws. In fact, the tech giant itself admits that “any vulnerability in the browser is a risk for businesses that must protect their networks and data from increasingly sophisticated and targeted threats.”

Leveraging virtualization-based security technology, Windows Defender Application Guard is meant to offer protection against advanced attacks coming from the Internet, Microsoft’s Yusuf Mehdi, Corporate Vice President, Windows and Devices Group, explains. The new tool, Mehdi says, was designed to boost the security of enterprise’s devices, employees, data and even corporate networks.

“This level of protection has never been more important, as the majority of attacks start in the browser,” Mehdi says.

Application Guard ensures that the browser and employee activity is isolated using a hardware-based container, which should prevent malicious code from affecting the system and even the enterprise network. According to Mehdi, this type of security is expected to provide the necessary protection against malware, viruses, vulnerabilities, and even zero-day attacks.

“Once enabled, enterprise administrators can configure a trusted network site list policy and distribute the group policy to any devices it wishes to protect with Application Guard. Even if an untrusted site successfully loads malware, the malware is unable to reach beyond the isolated container to steal data or permanently compromise devices or the network. Once the employee exits their Microsoft Edge browsing session, any malware is erased, preventing further attacks,” Mehdi explains.

In Microsoft’s opinion, Application Guard will turn Edge into the browser standard for the enterprise, while making Windows 10 the first operating system to include this type of protection alongside a browser. The feature, Mehdi says, is set to become available to Windows Insiders in the coming months, while expected to roll out more broadly next year.

Also this week at its Ignite conference, Microsoft announced a new Azure-based software fuzz testing service. Called Project Springfield, the service is based around its own internal Scalable, Automated, Guided Execution (SAGE) testing tool. 

Related: Windows 10 Devices to Allow Sign in With Face, Iris

Related: Microsoft EMET Adds Windows 10 Compatibility

view counter