TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Microsoft to strengthen the Edge Sandbox in Windows 10

Microsoft Edge will now be more secure and safe, says Microsoft. Seeing the increasing hack reports of Microsoft Edge web browser, the Company has decided to improve the security of its Sandbox thereby controlling the Remote Code Execution attacks. As per the official blog post, Microsoft will now be using Windows 10 Creators Update to strengthen the Microsoft Edge sandbox.

While Microsoft Edge is already using the technologies like ACG (Arbitrary Code Guard) and CIG (Code Integrity Guard) to avoid hacking attempts, it is still vulnerable in some aspects.

Microsoft Edge to get a stronger Sandbox

Attack Surface Reduction Microsoft will now configure the Microsoft app container and reduce the amount of code of the sandbox so as to minimize the attack surface for the attackers. This is somewhat the key strategy of strengthening the overall security of Edge’s sandbox. The impact will be as mentioned below-

  • 100% reduction access to MUTEXes: allow a process to lock up a resource, causing hangs.
  • 90% reduction in access to WinRT and DCOM APIs: this is the large win here, dramatically reducing Microsoft Edge’s attack surface against the WinRT API set.
  • 70% reduction access to events and symlinks: symlinks are especially interesting because they are often used in creative bait & switch attacks to escape sandboxes.
  • 40% reduction in access to devices: Windows supports many device drivers, and their quality is somewhat beyond Microsoft’s control. The tuned sandbox cuts off access to any device that Microsoft Edge does not explicitly need, preventing attackers from using vulnerabilities in device drivers to escape, or from abusing the devices.

Custom crafted app container– Microsoft is also working on less privileged and custom-crafted app containers so as to reduce the attack surface and avoid attacks.

No access to brokers- Brokers are codes which might have bugs and thus are the most crucial threat to your security. If an attacker runs the code of a broker, he can easily gain RCE, the strengthened Microsoft Edge cuts off access to most of the brokers. Also, the company will be applying the mitigation technologies to the accessible brokers, thereby tightening the security.

Microsoft promises to keep working on Microsoft Edge’s security by strengthening the sandbox making it harder for the attackers to intrude. Check out the official blog post to learn more.

Updated on Tags:

ShiwangiPeswani@TWC

Shiwangi Peswani is a qualified writer and a blogger, who loves to dabble with and write about computers and the Internet. While focusing on and writing on technology topics, her varied skills and experience enables her to write on any topics which may interest her.