Microsoft Edge 112 ships with security fixes and improvements
Microsoft has released Microsoft Edge 112, a new stable version of the company's web browser. Edge 112 is a security update first and foremost, that follows the regular Chromium release schedule. Google published Chrome 112 earlier this week and addressed a total of 16 different security issues in the browser.
Microsoft Edge 112 includes 16 security fixes for the desktop versions as well, but two of them are specific to the browser. While Chrome and Edge share the same core, which is called Chromium, they do contain code that is not necessarily open source but unique to a specific browser.
Microsoft Edge updates itself automatically on most systems. You may load edge://settings/help to display the current version or use Menu > Help & feedback > About Microsoft Edge to open the page. The page executes an update check, and any new version is downloaded and installed automatically at this point.
As far as the Edge-specific security issues are concerned, there are three, but one is specific to Edge on Android. The severity is either moderate or low, and none appear to be exploited in the wild.
- Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability -- CVE-2023-28284
- Microsoft Edge (Chromium-based) Spoofing Vulnerability -- CVE-2023-24935
- Microsoft Edge (Chromium-based) Tampering Vulnerability -- CVE-2023-28301
Microsoft Edge 112: non-security changes
Microsoft Edge 112 is a rather light release when it comes to new features. The official release notes are published here, and they include five feature updates.
Enhanced Security Mode, is an optional security feature of Microsoft Edge, which is designed to reduce attack surfaces. It does so by disabling the Just in Time compiler and enabling additional security protections, if supported by the operating system.
This feature now supports WebAssembly for ARM64, ensuring cross-platform support across 64-bit versions of Windows, macOS, Linux and Arm64 systems.
As for the other features, there is a new in-browser JSON viewer that includes several improvements, such as a "color-coded tree view with line numbers and the ability to collapse and expand the data". JSON files are opened automatically in the viewer, if they are accessed on webpages. or when local JSON files are opened.
The feature is rolling out over time, but interested users may enable it right away using the following instructions:
- Load edge://flags/#edge-json-viewer in the browser's address bar.
- Set the status of the feature to Enabled.
- Restart Microsoft Edge.
The three remaining features affect policies. The first updates the new tab page policy. The NewTabPageHideDefaultTopSites hides default top sites when enabled. Microsoft extended this to include sponsored quick links as well, which are now also hidden when the policy is enabled.
WebAppInstallForceList is a new policy for Microsoft Edge. It may be used by administrators to "configure a list of web apps that install silently, without user interaction, and which users can't uninstall or turn off".
The third policy, CryptoWalletEnabled, enables Microsoft Edge's Crypto Wallet feature.
Now You: have you tried Edge lately?Advertisement