Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Microsoft Brings Hardware-Based Isolation to Chrome, Firefox

Microsoft this week made the Windows Defender Application Guard extensions generally available, which now provides hardware-based isolation to all Chrome and Firefox users on Windows 10.

Microsoft this week made the Windows Defender Application Guard extensions generally available, which now provides hardware-based isolation to all Chrome and Firefox users on Windows 10.

First introduced in 2017 and designed to isolate browser-based attacks, the container technology has been available only to Microsoft Edge until earlier this year, when Microsoft released the Windows Defender Application Guard extensions to Windows Insiders. 

The extensions leverage a native application that handles the communication between the browser and the device’s Application Guard settings and were designed to automatically redirect untrusted navigations to Windows Defender Application Guard for Microsoft Edge. 

“When users navigate to a site, the extension checks the URL against a list of enterprise sites defined by enterprise administrators. If the site is determined to be untrusted, the user is redirected to an isolated Microsoft Edge session,” Microsoft explains

The isolated Microsoft Edge session allows the user to freely navigate to any site that the organization hasn’t defined as trusted, while resting assured that the system is not at risk. When the user attempts to navigate to an enterprise site while in an isolated Microsoft Edge session, they are taken back to the default browser. 

To configure the Application Guard extension under managed mode, admins should ensure the devices meet the necessary requirements, then turn on Windows Defender Application Guard, define network isolation settings, install the companion application from the Microsoft Store and the browser extensions, and then restart the device. 

Microsoft also says it is being transparent about the installation of Windows Defender Application Guard and its purpose, and that a Windows Defender Application Guard landing page will be displayed in Firefox and Chrome after the extension has been installed and configured. Users will also receive information on how to resolve issues with the configuration. 

To initiate an Application Guard session without entering a URL or clicking on a link, users need to click on the extension icon on the menu bar of the browser.

Microsoft points out that hardware-based isolation has been introduced in Windows 10 to improve the platform’s security, and is a critical component of the attack surface reduction capabilities in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) and Microsoft Threat Protection. 

“With the new Application Guard extension for Google Chrome and Mozilla Firefox, customers can extend the security benefits of isolation in their environments and further reduce attack surface. Customers can confidently navigate the expansive internet with protection for enterprise and personal data,” the software giant says. 

Microsoft has made the Windows Defender Application Guard extensions for Chrome and Firefox available for Windows 10 Professional, Enterprise, and Education SKUs, version 1803 and later with latest updates.

Related: Chrome, Firefox Get Windows Defender Application Guard Extensions

Related: Site Isolation Is Coming to Firefox

Related: Chrome Improves Security for Enterprise Use

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.

Application Security

Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors...

Application Security

Google’s Threat Analysis Group (TAG) has shared technical details on an Internet Explorer zero-day vulnerability exploited in attacks by North Korean hacking group APT37.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Application Security

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...