Microsoft Edge 107: security updates and new policies
Microsoft released a new stable and extended stable version of its Edge web browser today. Microsoft Edge Stable 107.0.1418.24 and Microsoft Edge Extended Stable 106.0.1370.59 are already available. Both updates address a number of security issues in Edge; the stable version release introduces new policies for administrators.
Most Edge installations will get updated automatically in the coming days. Administrators who want to speed up the deployment of the update may load edge://settings/help in the browser's address bar, or go to Menu > Help > About Microsoft Edge, to run a manual check for updates.
Edge displays the installed version and checks for updates when the page is opened. The new version should be picked up at that point, downloaded and installed.
Microsoft Edge 107 is a security update. The Security Updates guide lists 8 different security issues in Edge 107, six less than Google patched in Chrome 107 earlier this week. All security issues affect the Chromium core of the web browser; none are Edge specific. Google released another security update for Chrome yesterday, which addressed an issue that is exploited in the wild. It is unclear if Edge is affected by this as well. The issue has not been addressed in the update that Microsoft released.
The release notes lists no new features for Home users. They list several new policies and policies changes, which administrators may configure to customize Microsoft Edge.
Microsoft lists the following new and updated policies:
- HubsSidebarEnabled - Used to turn the sidebar on or off.
- ExtensionInstallBlockList - Defines which extensions users can't install in the browser.
- ExtensionInstallForceListEdgeWorkspacesEnabled -- Defines which extensions are installed silently.
- RestoreOnStartupUserURLsEnabled - If enabled, users may configure their own URLs that open when Edge is started.
- EnhanceSecurityModeBypassIntranet - Enhanced Security Mode configuration for Intranet zone sites
- EventPathEnabled - Re-enable the Event.path API until Microsoft Edge version 115
- InternetExplorerIntegrationLocalMhtFileAllowed - Allow local MHTML files to open automatically in Internet Explorer mode
- LinkedAccountEnabled - Enable the linked account feature
- PerformanceDetectorEnabled - Performance Detector Enabled
- RestoreOnStartupUserURLsEnabled - Allow users to add and remove their own sites during startup when the RestoreOnStartupURLs policy is configured
- DefaultShareAdditionalOSRegionSetting - Set the default "share additional operating system region" setting
- WebSelectEnabled - Web Select Enabled
- WebSQLAccess - Force WebSQL to be enabled
- WebSQLNonSecureContextEnabled - Force WebSQL in non-secure contexts to be enabled
Now You: do you use policies to configure web browsers?