Microsoft to develop 'Super Duper Secure Mode' to boost Edge browser security
text_fields
New Delhi: In order to make its Edge browser more secure, Microsoft is working on a new feature called 'Super Duper Secure Mode' that will turn off certain optimisations that will not let hackers exploit bugs in the browser.
"It will take some time, but we hope to have CET, ACG, and CFG protection in the renderer process. Once that is complete, we hope to find a way to enable these mitigations intelligently based on risk and empower users to balance the tradeoffs," Microsoft said in a blog post.
The Super Duper Secure Mode works by turning off a feature of Edge's JavaScript engine meant to make a website's code run faster.
"This is, of course, just an experiment; things are subject to change, and we have quite a few technical challenges to overcome. Also, our tongue-in-cheek name will likely need to change to something more professional when we launch as a feature," the company explains.
JavaScript engine bugs are a mainstay for attackers for a variety of reasons; they provide powerful exploit primitives, there is a steady stream of bugs, and exploitation of these bugs often follows a straightforward template.
"Mitigations have a long history of being bypassed, so we are seeking feedback from the community to build something of lasting value," Microsoft added.
The company also informed that it hopes is to build something that changes the modern exploit landscape and significantly raises the cost of exploitation for attackers.
