Security Experts:

Connect with us

Hi, what are you looking for?


Endpoint Security

Microsoft Brings Hardware-Based Isolation to Chrome, Firefox

Microsoft this week made the Windows Defender Application Guard extensions generally available, which now provides hardware-based isolation to all Chrome and Firefox users on Windows 10.

Microsoft this week made the Windows Defender Application Guard extensions generally available, which now provides hardware-based isolation to all Chrome and Firefox users on Windows 10.

First introduced in 2017 and designed to isolate browser-based attacks, the container technology has been available only to Microsoft Edge until earlier this year, when Microsoft released the Windows Defender Application Guard extensions to Windows Insiders. 

The extensions leverage a native application that handles the communication between the browser and the device’s Application Guard settings and were designed to automatically redirect untrusted navigations to Windows Defender Application Guard for Microsoft Edge. 

“When users navigate to a site, the extension checks the URL against a list of enterprise sites defined by enterprise administrators. If the site is determined to be untrusted, the user is redirected to an isolated Microsoft Edge session,” Microsoft explains

The isolated Microsoft Edge session allows the user to freely navigate to any site that the organization hasn’t defined as trusted, while resting assured that the system is not at risk. When the user attempts to navigate to an enterprise site while in an isolated Microsoft Edge session, they are taken back to the default browser. 

To configure the Application Guard extension under managed mode, admins should ensure the devices meet the necessary requirements, then turn on Windows Defender Application Guard, define network isolation settings, install the companion application from the Microsoft Store and the browser extensions, and then restart the device. 

Microsoft also says it is being transparent about the installation of Windows Defender Application Guard and its purpose, and that a Windows Defender Application Guard landing page will be displayed in Firefox and Chrome after the extension has been installed and configured. Users will also receive information on how to resolve issues with the configuration. 

To initiate an Application Guard session without entering a URL or clicking on a link, users need to click on the extension icon on the menu bar of the browser.

Microsoft points out that hardware-based isolation has been introduced in Windows 10 to improve the platform’s security, and is a critical component of the attack surface reduction capabilities in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) and Microsoft Threat Protection. 

“With the new Application Guard extension for Google Chrome and Mozilla Firefox, customers can extend the security benefits of isolation in their environments and further reduce attack surface. Customers can confidently navigate the expansive internet with protection for enterprise and personal data,” the software giant says. 

Microsoft has made the Windows Defender Application Guard extensions for Chrome and Firefox available for Windows 10 Professional, Enterprise, and Education SKUs, version 1803 and later with latest updates.

Related: Chrome, Firefox Get Windows Defender Application Guard Extensions

Related: Site Isolation Is Coming to Firefox

Related: Chrome Improves Security for Enterprise Use

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Endpoint Security

The Zero Day Dilemma

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Less than a week after patching critical security defects affecting multiple enterprise-facing products, VMware is warning that one of the flaws is being exploited...