Latest protections unveiled
Microsoft has added new security features to its Edge browser, building on the ‘Super Duper Secure Mode’ that was unveiled late last year.
A new experimental security feature, this mode is designed to minimize the chances of browser attacks by disabling the Just-In-Time (JIT) component in the V8 engine – a feature that significantly improves speed and usability, but which has been associated with numerous security vulnerabilities.
Since the launch of Super Duper Secure Mode, says Microsoft Edge vulnerability research lead Johnathan Norman, most users who have turned the feature on say they haven’t noticed any issues or reported any performance trade-offs.
“84% of users who enabled the feature never disabled it. This was surprising because we don’t have WASM [WebAssembly] working yet. An even bigger surprise is that performance/speed was not a common complaint. In fact, it was least often cited as an issue,” he says in a tweet.
“Most users complained about lack of WASM support. Of the users who disabled the feature 42% clicked ‘other’ and described problems related to WASM, 29% explicitly called out website compat[ibility] and 15% selected page loads slowly. In most cases the lack of JIT was a non-issue.”
Microsoft has added new security protections to Edge, including Arbitrary Code Guard (ACG), which prevents dynamic code generation in the renderer processes, and Control-flow Enforcement Technology (CET), which implements a separate shadow stack to protect return addresses.
“Moreover, we are quite excited that Microsoft Edge now supports both forwards and backwards control-flow protection. By applying these protections, we can provide defense in depth that spans beyond JIT attacks,” says Norman.
Microsoft is also experimenting with the delivery of unique, user-tailored bypass lists based on the Chromium project’s user site engagement scores.
The browser maker is also building a new WASM interpreter codenamed DrumBrake. Currently, WASM code is converted into machine instructions by a compiler, which requires writable and executable pages in memory.
However, the memory allocated for WASM is often used by attackers to execute their own code in exploits – and while enabling ACG prevents this, it also breaks WASM.
The aim of DrumBrake is to provide a secure WASM environment that unblocks the most common WASM use cases without requiring JIT.
There will be trade-offs involved, says Norman: “For example, DrumBrake does require less memory, which is a nice bonus but we expect that compute-intensive applications may not perform as well.”
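For site owners, the practical consequence of the WASM breakage described above is that a page cannot assume WebAssembly is usable in a hardened browser. The following is an added example, not code from Microsoft or from this article: it probes whether WASM can actually be compiled and instantiated and selects a plain-JavaScript fallback otherwise. The names `probeWasm` and `chooseBackend` are hypothetical, and whether a given secure mode removes the `WebAssembly` global or makes compilation throw is treated as unknown, so both cases are handled.

```javascript
// Constructed sample input: the smallest valid WASM binary
// (magic bytes "\0asm" followed by version 1, no sections).
const EMPTY_MODULE = new Uint8Array([0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00]);

// Classify WASM availability on a global object (defaults to the real one).
//   "available" - a module compiles and instantiates
//   "missing"   - no usable WebAssembly global is exposed
//   "blocked"   - the API exists but compiling or instantiating throws
//                 (for example, a policy that forbids code generation)
function probeWasm(scope = globalThis) {
  const wasm = scope.WebAssembly;
  if (typeof wasm !== "object" || wasm === null ||
      typeof wasm.Module !== "function" ||
      typeof wasm.Instance !== "function") {
    return "missing";
  }
  try {
    // Synchronous compile is acceptable here because the probe is 8 bytes.
    const mod = new wasm.Module(EMPTY_MODULE);
    new wasm.Instance(mod, {});
    return "available";
  } catch (err) {
    return "blocked";
  }
}

// Hypothetical loader decision: only take the WASM path when the probe
// succeeded, so a hardened browser gets a working (if slower) page
// instead of a broken one.
function chooseBackend(scope = globalThis) {
  const state = probeWasm(scope);
  return { state, backend: state === "available" ? "wasm" : "js-fallback" };
}
```

Logging the returned `state` alongside the user agent shows how many visitors arrive with WASM unavailable before deciding how much to invest in the fallback path.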
Last September, Microsoft Edge moved to a four-week major release cadence, while adding an eight-week Extended Stable option for enterprise customers.
The changes have been bundled in Edge version 98, which started to land on users’ desktops earlier this month.
The latest version also includes a new mode that prioritizes browser security. This allows administrators to apply group policies to Windows, macOS, and Linux end-user desktops to help protect against exploits.