Microsoft locks down Edge with virtualization in Win10 Enterprise

Virtualization is everywhere these days, and your browser might soon be wrapped in it as well. Microsoft has announced that the "next major update" of Windows 10 Enterprise will offer a virtualization option for Microsoft Edge in a bid to thwart most types of web-based attacks.

The new technology is called "Application Guard" and it's part of Microsoft's Secure Productive Enterprise suite. Application Guard uses Windows 10's Virtualization Based Security, a feature that uses Hyper-V for isolating applications from the underlying operating system. According to the company, Windows Defender Application Guard for Microsoft Edge (for that's its full name) "isolates the browser and employee activity using a hardware-based container." System administrators will have the option to have their machines run Edge transparently inside a lightweight VM, deployed and configured by a group policy.

Application Guard comes with a few catches, though. According to ArsTechnica's Peter Bright, the technology requires VT-d support on the client CPU for I/O virtualization purposes. While most recent CPUs support VT-d, that may not be the case with older machines in the field. There are also some software compatibility niggles. Since the client machine will be running Hyper-V, other virtualization software like VMWare Workstation or VirtualBox won't run be able to run at the same time as Application Guard.

Application Guard will only be available with Microsoft Edge for now. Microsoft says that Windows Insiders can get a taste of the new, improved flavor of Edge "in the coming months," and it expects to roll out the feature sometime next year.

Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.