Microsoft has launched a new browser on Windows 10-Microsoft Edge, so let's get to the next step!
Microsoft Edge security Hardening in the
In fact, the edge of the HTML drawing engine is still the Trident engine, called Microsoft Edge HTML, not only removed a large number of IE-specific technology and related program code, but also imported a number of new browser features.
Memgc
The MEMGC memory management feature uses "Mark and find opportunity cleanup" to reduce the "use of freed memory" vulnerability, which uses MEMGC to manage its "file object Model" (DOM) and supports object memory management. The MEMGC is designed to avoid UAF attacks.
Abandonment (disposal) category
The Microsoft Edge HTML drawing engine imported a new category called "Abandonment" (discard). It detects corruption in memory content and emits an "fail_fast_exception" exception error when detecting such cases to prevent any possible exploit.
The "Enhanced protected Mode" sandbox environment and the 64-bit mode are used by default
Because Edge is a new browser, its enhanced protected mode (EPM) sandbox environment preset is on, and its drawing handlers are executed in 64-bit mode as long as the system can support it.
Aside from the old features
Edge eliminates features that Microsoft deems unsupported, such as browser-assisted program objects and toolbars. Microsoft has indicated that edge will adopt an expanded architecture like Google Chrome and Mozilla Firefox, and that some code languages and X-ua-compatible file headers are no longer supported in the future.
Microsoft Edge Potential Threats
Integrate Adobe Flash and PDF reading programs
Microsoft Edge integrates into two widely used plugins: Adobe Flash and PDF reader. The attack on Flash will continue to be a problem, as built-in functionality can be risky later on. Similarly, a PDF reading program can be a potential target for attackers to attack edge browsers.
Support Asm.js
A new feature of Edge is support for asm.js. In the 2015 Pwn2Own competition, Mozilla Firefox browser asm.js a loophole (cve-2015-0817) was used to successfully control the browser, therefore, we can not rule out the possibility that it becomes the source of Microsoftedge vulnerabilities.
New Extended Functionality Mode
Microsoft Edge introduces improved expansion support after Windows 10 is introduced, and these extensions are performed in the Appcontainer sandbox, but the sandbox escape vulnerability can be used to avoid this.
All in all, Microsoft does have a lot of work to do on edge compared to Internet Explorer, and while there are still potential threats, this is likely to be unavoidable given the complexity and functional requirements of modern browsers.
Forward please indicate that the article originates from Trend Micro!
Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.
One minute to let you know Microsoft Edge