Microsoft is testing the Super Duper Secure Mode for the Edge browser to improve overall security
The Microsoft browser uses the Chromium open-source browser project led by Google, which includes a just-in-time compilation engine called JIT developed by Google for the browser.
Using this engine can significantly improve browser performance. Unfortunately, the engine has many vulnerabilities, and the severity of each vulnerability is usually higher.
Of course, most vulnerabilities will be discovered and repaired by researchers or Google before hackers use them, but sometimes there are some 0-day vulnerabilities that will be exploited by hackers.
In order to solve potential security problems, the Microsoft browser team recently launched a Super Duper Secure Mode. The so-called Super Duper Secure mode is to completely disable the internal compilation engine.
The Microsoft browser development team said that the new Super Duper Secure Mode added to the Microsoft Edge Dev & Beta version helps avoid security vulnerabilities and improve security.
When the user turns on the Super Duper Secure Mode, Google’s JIT compilation engine will actually be disabled, and Microsoft will automatically deploy a variety of mitigation measures to change the use of the vulnerability.
These mitigation measures include the use of new control flow execution technology during the rendering process, and measures for Web Assembly and code protection will be added in the future.
The main reason for this change is that Microsoft believes that there are many vulnerabilities in Google’s compiler engine. After disabling, although the performance drops, it can significantly improve security.
Microsoft said the company hopes that the Super Duper Secure Mode can change the pattern of modern exploits, and significantly increase the cost of attackers so that more attackers give up.
Enable Super Duper Secure Mode in Microsoft Edge browser
- Launch Microsoft Edge browser
- Visit edge://flags/#edge-enable-super-duper-secure-mode
- Select Enabled and restart the browser
Via: techdows
