View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Microsoft: Edge will be ‘most secure browser we’ve ever shipped’

Software vendor prepares to overhaul web security.

By Jimmy Nicholls

Microsoft is plotting a fundamental overhaul of web security as it prepares to launch Edge in late July following 19 years of Internet Explorer.

Updates to the web browser will seek to combat common cyberattacks such as phishing and session hijacking, which allow hackers to steal credentials and attack computer systems.

Crispin Cowan, senior program manager at Microsoft Edge, said: "Microsoft Edge is a brand new browser, with new goals and requirements. This has allowed us to include these security enhancements, both brand new security features, and moving older opt-in features to be always-on.

"For this reason, we believe Microsoft Edge will be the most secure web browser that Microsoft has ever shipped. As security is a process, not a destination, we will continue to work on browser security improvements."

To defend against phishing Microsoft plans to make greater use of Passport, a single sign-in service that allows users to log in to websites without entering plain text passwords.

The move follows a surge in sophisticated and plausible phishing attacks targeting services such as Microsoft Outlook through the use of visually identical webpages.

In addition Edge will place a greater emphasis on authentic web certificates, a response to hackers using encrypted connections after users were told to place greater trust in websites that did so.

Content from our partners
<strong>How to get the best of both worlds in the hybrid cloud</strong>
The key to good corporate cybersecurity is defence in depth
Cybersecurity in 2023 is a two-speed system

"Users have learned to trust sites that use encrypted web traffic," Cowan said. "Unfortunately, that trust can be undermined when malicious sites use improperly obtained or fraudulent certificates to impersonate legitimate sites."

Microsoft has also steeled Edge against attempts by hackers to subvert or hijack it, both through the creation of a safer extension model and the use of an app container sandbox, which will run every Internet page in isolation to protect the rest of a computer.

The company has also added protections against memory corruption, which involves a hacker sending bad input to a program in order to first confuse it and later gain control of it.

In a caveat, Cowan said: "Despite all efforts, there will be security vulnerabilities in Microsoft Edge that we do not yet know about,"

He added that the firm would be creating a bug bounty program for Windows 10 that also covered Edge.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.