Operating system security

How To Use Microsoft Edge Security Features

Greg Belding
April 30, 2020 by
Greg Belding

Introduction

Microsoft Edge (Edge) is a web browser that was first released with Windows 10 back in 2015. Edge has essentially replaced Internet Explorer, as IE 11 is technically still around in Windows 10, but it is mainly for legacy purposes and no longer supported. This new browser brings with it a measure of new security features that any Windows 10-focused professional will need to become intimately familiar with to maximize the browser’s potential. 

This article will detail how to use the array of security features that accompany Edge in Windows 10, including sandboxing, plugins and extensions, SmartScreen, Application Guard and App & Browser control. 

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

A little about Edge

Your understanding of Edge’s security features will be sharper if you understand the context of how it fits into Windows 10. 

Built to be minimalist and streamlined, the Edge browser has Windows 10 written all over it — with modern security features that offer heightened user control, customization, more compatibility with the modern web and more robust functionality than IE, Edge can be considered the face of Windows 10’s approach to life. Even the biggest Windows skeptic will agree that Edge is more security-minded than Microsoft’s reputation would lead you to believe.

Chromium-based Edge

Introduced in 2019, Microsoft has moved Edge towards the world of greater security and speed by basing edge on Chromium. Chromium is what Google Chrome and the privacy-minded Brave browser are based on, offering greater privacy options to Edge users. Namely, Edge will allow users to choose how third parties track the Edge users across the web. 

Being an unabashed Chromium browser addict (I use Brave daily), I must say that this will be a welcome addition to the Edge browsing experience. Increased privacy options was the main draw away from other browsers for me.

Sandboxing

Everyone with a toe in the proverbial pool of information security would agree that web browsers can be a primary point of attack for attackers. To help alleviate this, Edge always operates in a partial sandbox. This means that if an attacker does somehow gain access to the browser, their dirty deeds will be confined to the sandbox and will not compromise the rest of the computer. This will feel like a breath of fresh air to many, especially because this feature is on by default. 

Plugins, toolbars and extensions

Keeping with the theme of a safer, sleeker web browsing experience, Edge has a different take on scripting and extensions than IE. Legacy IE technologies, including toolbars, Browser Helper Objects, VBscript, ActiveX, Java and VML, are now in the dustbin of history. 

Users cannot download plugins, toolbars and extensions the way they could in IE; along with the Windows 10 Anniversary Update, browser extensions can now be downloaded. Current Edge-compatible extensions follow Google Chrome’s extension model and allow for HTML, JavaScript and CSS-based extensions to be downloaded.

Application Guard

If cleanliness is next to godliness, the appropriate analogy here would be redundancy is next to security soundness. This definitely applies to Edge security features, as it has strengthened the Edge sandbox. 

As mentioned earlier, Edge operates all of the time (not just by default) in a partial sandbox. Users can choose to make Edge operate in a sandbox all of the time by opening Edge in a Windows Defender Application Guard window. 

Application Guard must first be enabled before use. To enable it, navigate to the Cortana search bar and search Windows Features. Click on “Turn Windows Features On or Off.” Scroll down the list of Windows Features and locate Windows Defender Application Guard. Simply click the check box next to Windows Defender Application Guard and you will be off to the proverbial races.

SmartScreen

Officially known as Windows Defender SmartScreen, this web browser security feature brings solid anti-phishing and anti-malware functionality to the Edge browser. This feature gets the job done by keeping you covered in three different ways:

  • SmartScreen analyzes webpages you browse and determines whether they have suspicious characteristics. If any are found, a message is displayed on the Windows 10 system notifying the user of the risk and recommending caution, as well as giving an opportunity for user feedback
  • SmartScreen uses the SmartScreen Filter, which keeps a dynamic list of known phishing websites and websites containing malware. If the website browsed is on the list, the user will be presented with a warning stating that the website has been blocked
  • It also checks downloaded files to see if it is on a list of reported malware sites or unsafe programs and whether it is on a list of files commonly downloaded by Edge users. It warns the user if the file fits any of these criteria

App & Browser Control

App & Browser Control resides within Windows Defender Security Center and is the user-friendly way that Windows 10 gives users control over SmartScreen. To get there, enter App & Browser into the Cortana search bar and select App & Browser Control. This will present you with a window that enables you to customize SmartScreen by allowing users to choose how strict they want SmartScreen to be with the three functions enumerated above. Users get to choose whether they want SmartScreen to block, warn or be turned off.

Users are also given the option to select whether exploit protection is used. Exploit protection is turned on by default and gives users the option to choose whether they want the following sub-features on or not:

  • Control flow guard
  • Data execution prevention
  • Force randomization for images
  • Randomize memorize memory allocation
  • High-entropy ASLR
  • Validate exception chains
  • Validate heap integrity

Conclusion

Edge is a vast improvement over IE in terms of security and follows the general trend of users being given greater control over security features. Its security features are easy to configure and turn on or off and are more intuitive than most browsers available today. With sandboxing, Exploit Guard and SmartScreen on by default, Edge has your information security back. 

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

 

Sources

  1. Security Features in Microsoft Edge Browser for Windows 10, The Windows Club
  2. Turn On or Off SmartScreen for Microsoft Edge in Windows 10, Ten Forums
  3. Windows 10's new Edge browser: Microsoft reveals more features headed your way, TechRepublic
  4. Windows 10 Application Guard Added to the New Microsoft Edge, Bleeping Computer
Greg Belding
Greg Belding

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.