2 min read

New Microsoft Edge Features Includes "Super-Duper Secure Mode..."

Featured Image

Microsoft-Edge

Microsoft is trying out some new features in its latest Edge beta releases including a brand spanking new browsing mode called...wait for it..."Super-Duper Secure Mode!"

The new browsing mode is designed to stop unknown zero-day vulnerabilities before they can compromise your system. According  to Microsoft's release notes (link), the browsing mode is turned on it "brings Hardware-enforced Stack Protection, Arbitrary Code Guard (ACG), and Content Flow Guard (CFG) as supporting security mitigations to increase users' security on the web."

The new modes included in Version 98.0.1108.23 are called:

  • EnhanceSecurityMode
  • EnhanceSecurityModeBypassListDomains
  • EnhanceSecurityModeEnforceListDomains

The release also includes the addition of a custom primary password that'll enable users to add an extra bit of authentication before passwords are entered into auto-filled forms.

Super-Duper Secure Mode

So, Super-Duper Secure mode (SDSM) has been around for a while, first appearing in November of last year. SDSM is designed to eliminate any vulnerabilities caused by the V* JavaScript engine.

SDSM disables something called Just-in-Time  Compilation (JIT). JIT is what the JavaScript engine uses to speed up any JavaScript code that's used on a web page in order to make it load faster. We're all very aware of the vulnerabilities JavaScript can introduce to an ecosystem via an insecure web browser, so we won't get into all that here. That said, Microsoft has promised its users that enabling SDSM won't impact their browsing.

SDSM also includes something called Control-flow Enforcement Technology (CET). CET is an Intel hardware-based exploit prevention tool that will also add security to the browser.

How to Enable Super-Duper Secure Mode

Thankfully, SDSM has been included in versions of Edge for Mac and Linux, not just Windows. Here are the steps you need to take to enable it on your end-point (assuming your end-point is running the most up to date version of Edge to begin with):

1. Click on the three horizontal dots menu item located in the top

Screen Shot 2022-01-25 at 4.58.56 PM

2. Select "Settings"

Screen Shot 2022-01-25 at 4.59.05 PM

3. Select the "Privacy, search and services" on the sidebar of the Settings page and scroll down to "Enhance your security on the web" section in the main window. Toggle the switch to on and choose whether or not you want the "Balanced" or "Strict" options.

Screen Shot 2022-01-25 at 5.00.13 PM

After that you're done!

Conclusion

So, I don't personally know all that many people who use Edge as their primary internet browser. Most people are using Chrome. Some use Safari, and a few others are still out there using Firefox and whatever else.

The good news there is this; Edge is based on Google's Chromium open-sourced browser software. The same platform Chrome, Firefox and a host of other browsers are as well. There's reason to believe in the coming months that these browsers will begin to include similar security features.

The bad news is Safari, Apple's proprietary web browser isn't built on Chromium and we have no idea if they're going to be including anything similar in future builds. The fruit company is notoriously tight-lipped about these things. Is it a foregone conclusion they won't be doing something similar? No. We just don't know what it is yet.

So, that's it. If you're using Microsoft Edge you're now super-duper secure. If you're using Chrome or Firefox keep watching the skies, something will probably turn up that's comparable pretty soon. If you're on Safari I'm going to add another abbreviation to this all-ready alphabet soup-ridden article: SOL.

I'm not going to define that one. You have to look it up yourself.

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Don't forget to follow us on LinkedIn and Twitter

Are Passkeys the Future? Apple Seems to Think So...

It's no secret that passwords are a pain in the butt. They can be difficult to remember, they're a huge target for cybercriminals, etc.

Read More

Alert: Follina aka CVE-2022-30190

A newly discovered exploit is using a flaw in Microsoft's Support Diagnostic Tool (MSDT) to remotely take over end-points via compromised Word...

Read More

Chaos/Yashma: The Torrid Tale of a GUI Based Ransomware Builder...

It used to take a good deal of coding knowledge to build a website or an application. That's not the case anymore. You can build a website in...

Read More