Security baseline for Microsoft Edge version 128

We’re excited to announce the enterprise release of our security baseline for Microsoft Edge version 128!

We have reviewed the settings for Microsoft Edge version 128 and updated our guidance by adding two settings and removing two settings. The new Microsoft Edge Security Baseline package has just been released to the Download Center. The new package can be downloaded here: Security Compliance Toolkit.

Dynamic code settings (added)

This setting is part of a longer-term strategy to prevent potentially malicious third-party code from interacting with the browser process by enabling Arbitrary Code Guard. Any attempts by third-party software to inject into Edge after startup will fail. Note: This change may impact application compatibility in environments where third-party code is used for accessibility or other purposes. We recommend testing with a subset of users before widespread deployment.

Enable application bound encryption (added)

With InfoStealer attacks (attacks that harvest sensitive data) on the rise, this setting pairs encryption of local data storage directly to Microsoft Edge. By applying this setting, enterprises are protected from malicious apps attempting to obtain encryption keys.

The following settings are no longer supported and have been removed:

Microsoft Edge\Image enhancements enabled

Enable Microsoft Edge\Force WebSQL

Microsoft Edge version 128 introduces seven new computer settings and seven new user settings. We’ve included a spreadsheet listing the new settings in the release to make them easier to find.

As a friendly reminder, all available settings for Microsoft Edge are documented. hereand all available settings for Microsoft Edge updates are documented. here.

Please continue to give us your feedback. Security Standards Community Or leave a comment on this post.