Microsoft takes steps to protect Edge from malicious code

The latest update to the engine powering Microsoft's Edge browser now only allows extensions made by Microsoft and certified hardware manufacturers to be loaded via DLLs (Dynamic-Link Library), which will bring greater stability and security to the browser.

Senior Program Manager of Microsoft Edge, Crispin Cowan, explained in a blog post that the change will prevent performance, stability and security issues from developing in Edge as a result of malicious software.

The change requires any extension which loads into Edge to be Microsoft-signed or WHQL-signed, which means only Microsoft and certified hardware manufacturers will be allowed to load their code directly inside Edge. WHQL-signed extensions would be drivers for devices, such as a webcam.

After ditching support for ActiveX and Browser Helpers, Microsoft has been locking down Edge to control what the user experiences, in an attempt to avoid a mistake it made with IE. It was commonplace for IE to be bogged down by malicious code, such as toolbars and third party content being injected onto websites to steal advertisement revenue or to invade the user's privacy.

Although the move to lock down Edge is great for user experience, it will not help Microsoft address one major weakness of Edge: the continued lack of extension support. Considered by many to be a given for browsers, the lack of extension support may scare off some users from Edge.

Report a problem with article
img_0937
Next Article

Windows Phone market share drops to 1.7%

windows-10-mobile-fan-01
Previous Article

Microsoft releases Windows 10 Mobile Insider Preview build 10586 to the Fast ring

26 Comments - Add comment

Advertisement