Microsoft Edge's Enhanced Security Mode explained
Microsoft Edge's Enhanced Security Mode is an optional security feature of Microsoft's web browser that is designed to improve protection against attacks on the Internet.
Called Super Super Secure Mode during its experimental testing phase, Enhanced Security Mode blocks access to the Just In Time compiler; this reduces the attack surface and makes it more difficult to use exploits according to Microsoft.
When enabled, Enhanced Security Mode enables additional protections provided by the operating system, such as Hardware Enforced Stack Protection, Arbitrary Code Guard, and Control Flow Guard.
Note: WebAssembly is not supported right now. Sites that use it need to be added to the exceptions list to make sure they work in Edge after enabling the security mode.
Configuring Enhanced Security Mode
Enhanced Security Mode is disabled by default. Edge users may configure the security feature in the following way:
- Load edge://settings/privacy in the browser's address bar; this opens the Privacy, search and services options of Edge.
- Scroll down until you find "Enhance your security on the web".
- Enable the toggle to turn the feature on.
Note: Enhanced Security Mode is available on Windows and Mac operating systems only.
The security feature has two different levels that you may select:
- Basic (Edge Dev only) -- Enables Enhanced Security Mode for "less visited sites" only.
- Balanced -- The default level when Enhanced Security Mode is enabled. It uses security mitigations on all sites that are not visited frequently.
- Strict -- Improves security further by enabling the enhanced protections on all sites.
Strict mode offers protections on all sites, but it may lead to more site breakage according to Microsoft.
You can disable the security mode on specific sites by selecting Exceptions in Edge Stable (in Edge Dev, it is called manage enhanced security for sites).
Microsoft is testing a new option to always use enhanced security for sites in Edge Dev currently. Exceptions are useful, for example, when a site's functionality is broken if the mode is enabled.
Administrators may use a policy to configure the security feature in the Edge browser.
Manage Enhanced Security
Microsoft Edge displays "Added security" in the browser's address bar if Enhanced Security Mode is enabled on a site.
A click on the icon and the selection of "Enhance security for this site" displays an option to turn the feature off on the site and to open the preferences to adjust them in the browser.
Now You: How useful is Edge's Enhanced Security Mode feature?
but if it uses ms defender will it work if i keep everything off there ? or does it need that active ? and if i use it with ms defender inative wont it make any difference ?
It is not a marketing text lol. Because it can break sites. When this feature first announced it didn’t have this text and I forgot about this feature exist. There was tons of websites which were breaking including WhatsApp web and I was going crazy because I had no idea what was causing these problems. If this text existed back then it would be way easier to for me to find a solution because it took me weeks to find out that setting caused the problems because it was new and there wasn’t much articles about it either
Has anyone noticed that it blocks too many site/pages/items?
I wonder what will happen when Windows 8.1 extended support terminates on Jan 10 next year and Edge has been installed on that OS to replace IE.
It’ll probably switch to Super Super Insecure Mode. :D
This will offer superior “security” automatically rather than Chrome or Firefox by default from the perspective of a normal user?
It’s not enabled by default but yes, it provides much better security
By disabling JIT JavaScript code is just much simpler to analyze and block malicious parts. Downside: possible lower performance but according to developers tests, in real usages is not visible in any way / may even help
Yes, the added protection is less likely to break a website.
I distrust MS to such a degree that I completely uninstalled Edge. I also uninstall most of the MS pre-installed apps.
My devices are lean and mean speedy fighting machines without the MS spyware.
I prefer Microsoft. Google is pretty devious in its attempts to hold your data. And it would not allow you to use ad blockers in its products despite getting your data. Microsoft has been making great products lately and gets my vote.
That’s right, don’t send it to Microsoft. Your data is safe with Google!
That is not true. Most data leaks including yours wasn’t about users and very minimal. Microsoft didn’t have any leak that revealed user information last year. If we would l include all, Google would have more user based leaks compared to Microsoft. Don’t forget about Google is ads based company unlike Microsoft. So not just they collect more data about you but also your data most likely more spread among the advertisers on Google. Which creates even larger attack vector. Even Google didn’t have a direct leak, hacking those advertisers would be enough to leak valuable information about you
@Frankel
The funny thing is that our data are safer with Google than Microsoft. The last years the leaks of data from Google are minimal. Microsoft had more than 6 leaks of data the last year lol.
Anything but Microsoft is safer and more secure. The most redicilous leak of all was the leak of sensitive data of users of Microsoft’s Bing search engine mobile application and the leak of the source code of Bing and Cortana.
> Microsoft Edge displays “Added security” in the browser’s address bar if Enhanced Security Mode is enabled on a site.
I know it is ridiculously, but that was the reason why I stopped using the enhanced security mode. It just really annoyed me this see this huge label taking up space. There are all kinds of security features enabled and running in the background, not only in the browser, but also in the OS. There is simply zero need for any of them (besides the SSL icon) to display a huge marketing message alerting us to that these security features are running.
And this “Added security” banner is completely useless. When you click it it provides zero information about what kind of security that has been added.
What is the next step? That Windows Defender starts to display a huge banner in the task bar displaying all the various ways it helps protect your computer.
The “Added security” could easily be replaced with e.g. a symbol on top of the SSL icon.
Some of us do care about minimal UI and having a huge irrelevant banner conflict with this.
/rant over
yeah, i have dozens of extensions so the adress space is already too disputed and waste all that space is really useless.
somebody should suggest this in where they see like a git issue or reddit . dont know what bug tracker they se
Agreed, it is large and Microsoft could replace it easily with an icon. Maybe even display “added security” for a moment before collapsing it into an icon.
https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnote-stable-channel
Off-topic: does anyone know of a release note page for Edge such as what Firefox, Chrome and Apple maintain? A page that shows the version numbers and their release date?
All I can find is a general audience blog that breathlessly expounds on all the new features (that none of seem to actually want lol).
https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnote-stable-channel
Cheers!