Microsoft Edge's Enhanced Security Mode explained
Microsoft Edge's Enhanced Security Mode is an optional security feature of Microsoft's web browser that is designed to improve protection against attacks on the Internet.
Called Super Super Secure Mode during its experimental testing phase, Enhanced Security Mode blocks access to the Just In Time compiler; this reduces the attack surface and makes it more difficult to use exploits according to Microsoft.
When enabled, Enhanced Security Mode enables additional protections provided by the operating system, such as Hardware Enforced Stack Protection, Arbitrary Code Guard, and Control Flow Guard.
Note: WebAssembly is not supported right now. Sites that use it need to be added to the exceptions list to make sure they work in Edge after enabling the security mode.
Configuring Enhanced Security Mode
Enhanced Security Mode is disabled by default. Edge users may configure the security feature in the following way:
- Load edge://settings/privacy in the browser's address bar; this opens the Privacy, search and services options of Edge.
- Scroll down until you find "Enhance your security on the web".
- Enable the toggle to turn the feature on.
Note: Enhanced Security Mode is available on Windows and Mac operating systems only.
The security feature has two different levels that you may select:
- Basic (Edge Dev only) -- Enables Enhanced Security Mode for "less visited sites" only.
- Balanced -- The default level when Enhanced Security Mode is enabled. It uses security mitigations on all sites that are not visited frequently.
- Strict -- Improves security further by enabling the enhanced protections on all sites.
Strict mode offers protections on all sites, but it may lead to more site breakage according to Microsoft.
You can disable the security mode on specific sites by selecting Exceptions in Edge Stable (in Edge Dev, it is called manage enhanced security for sites).
Microsoft is testing a new option to always use enhanced security for sites in Edge Dev currently. Exceptions are useful, for example, when a site's functionality is broken if the mode is enabled.
Administrators may use a policy to configure the security feature in the Edge browser.
Manage Enhanced Security
Microsoft Edge displays "Added security" in the browser's address bar if Enhanced Security Mode is enabled on a site.
A click on the icon and the selection of "Enhance security for this site" displays an option to turn the feature off on the site and to open the preferences to adjust them in the browser.
Now You: How useful is Edge's Enhanced Security Mode feature?Advertisement