14 DAY TRIAL // Microsoft Edge got hacked no less than 5 times at Pwn2Own earlier this month, but this doesn’t necessarily mean that it’s not a secure app, only that most teams at the event decided to focus all their efforts on the new default Windows 10 browser.
To prove that Edge is a truly secure browser, Microsoft today detailed the sandbox implementation, explaining that this feature evolved over time after previously being introduced in Internet Explorer in a similar form.
Internet Explorer 7 was the very first browser to come with a sandbox, which at that point was called Protected Mode, while Windows 8 introduced app container, a feature that Internet Explorer 11 used to create the Enhanced Protected Mode, also known as EPM.
Coming in Creators Update
Microsoft Edge, which removed support for ActiveX entirely, pushes this feature to a completely new level, with the company saying that it’s able to run entirely inside app container sandboxes at all times. This means that the browser is capable of limiting the impact of an attack at any given time by limiting the code a cybercriminal can use to search vulnerabilities and the privileges they could get.
“What we just did here was to create a tuned sandbox for the Microsoft Edge content process, with a much tighter fit to the functional needs of the software than a normal app container provides. That is a lot of work, which is why this is not how the UWP platform works. But because web browsers are among some of the most threatened software there is, it is worth it in this case,” Microsoft explains.
Microsoft says that by investing in the sandbox technology in Edge browser, the company was able to reduce access to MUTEXes by 100 percent, which means that attackers can no longer inject code capable of locking up a resource and crashing the browser. Furthermore, this allowed for a 90 percent reduction in access to WinRT and DCOM APIs, as well as a 40 percent reduction in access to devices.
All these security improvements will become available for everyone on Windows 10 with the debut of the Creators Update next month, alongside other new features such as tab previews.