Microsoft seems to be taking the security of its Edge browser seriously. Last May, the company announced Edge would drop support for the much hated ActiveX and Browser Helper Objects. This time around, the company is taking a hard stance against code injection.
Until recently, users could be affected by certain strains of malware which would hook unsigned DLLs directly into the Edge process without consent. One of the most "popular" outcomes was the installation of cutesy toolbars, without as much as a security prompt or installation request. That sort of easy injection is all over with the latest version of Edge, though.
The major Windows 10
Service Pack update published last week upgrades Edge's engine to the latest "EdgeHTML 13" version. The updated Edge includes kernel-level protection against code injection. Software can't hook code into Edge unless it's a Windows component or a Microsoft- or WHQL-signed DLL. For example, a WHQL webcam driver can still run inside Edge's process, but an unsigned toolbar or ad injector cannot.
Microsoft says the new security measure shouldn't affect regular users of Edge. The company thinks life will become much harder for attackers trying to take over browsing or steal private information, though, and it's hard to see that as anything but a positive development.
|Computex 2017: Asus reveals a ton of new ZenBooks and Vivobooks||4|
|NTFS filesystem bug could crash Windows 7, 8, and 8.1||38|
|Aerocool starts Project 7 with a flurry of case and cooling gear||5|
|Enermax NeoChanger is both a pump and a reservoir||13|
|Acer sprinkles the Iconia Tab 10 with quantum dots||9|
|Deals of the week: lots of motherboards and a cheap GTX 1080||20|
|MSI Vortex G25VR, Infinite-A, and Pro 20EX PCs fill all niches||2|
|Nvidia unveils the GeForce GTX Battlebox certification program||33|
|Acer Spin 1 and Nitro 5 laptops are ready for school season||13|
|Nah, giving it up with no resistance is downloading Chrome.||+10|