Microsoft Edge 113 removes Basic Enhanced Security Mode

Martin Brinkmann
May 6, 2023
Microsoft Edge
|
20

Microsoft has just released Microsoft Edge 113 Stable for all supported operating systems and platforms. The new version of the browser makes a change to its Enhanced Security Mode, automatic updating on macOS devices, and a bunch of new policies for system administrators.

Microsoft Edge 113 is already available and most installations of the web browser should receive the update automatically in the coming days. Desktop users may speed up the installation of the update by selecting Menu > Help & Feedback > About Microsoft Edge. The browser should download and install the update when the page is opened.

Removed Basic Enhanced Security Mode

microsoft edge enhanced security mode

One of the main changes of Microsoft Edge 113 removes something from the browser.  Microsoft notes in the release notes that it has consolidated the security level settings of the browser's Enhanced Security Mode.

Enhanced Security Mode is disabled by default on most systems. It enables protections against certain threats and disables the Just In Time Compiler, which makes certain exploits more difficult to use.

Edge, up until now, supported the three modes Basic, Balanced and Strict. The three modes determined the scope of the feature. Basic mode, the mode that Microsoft removed, enabled the mitigations for "less visited sites" only. Balanced expanded this to all sites that were not visited frequently in Edge and Strict expanded it even further to all sites.

With Basic gone, Microsoft Edge users have the option to set the mode to Balanced or Strict. The descriptions of the two modes have not changed. Edge users who have configured the browser to use the Basic mode are likely moved to Balanced mode during the upgrade to Edge 113, but there is no confirmation from Microsoft about this in the release notes.

The second main change of Edge 113 is that the browser users a new updater on macOS devices. The switch from Microsoft Autoupdate to EdgeUpdater. Microsoft explains here that the switch "provides an update experience tailored to browser usage, with fast, reliable updates and minimal user interruption". EdgeUpdater furthermore allowed the company to align its backend systems and allows it to "deliver new macOS management experiences".

System administrators need to know that policies have changed and that the new policies need to be set before updating to Microsoft 113.

Microsoft Edge 113 comes with PDF View Settings and Microsoft Root Store policy updates. The first, RestorePdfView, gives administrators control over Edge's PDF View Recovery feature. The second is a deprecated policy that will be removed in Edge 115.

The release notes lists four new policies:

  • EnforceLocalAnchorConstraintsEnabled - Determines whether the built-in certificate verifier will enforce constraints encoded into trust anchors loaded from the platform trust store
  • ReadAloudEnabled - Enable Read Aloud feature in Microsoft Edge
  • ShowDownloadsToolbarButton - Show Downloads button on the toolbar
  • TabServicesEnabled - Tab Services enabled

Edge 113 updates the Chromium core as well,

Now You: have you tried Edge recently?

Summary
Microsoft Edge 113 removes Basic Enhanced Security Mode
Article Name
Microsoft Edge 113 removes Basic Enhanced Security Mode
Description
Microsoft has just released Microsoft Edge 113 Stable for all supported operating systems and platforms.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. 11r20 said on May 7, 2023 at 4:50 pm
    Reply

    @John G. asked > @11r20 won’t be more useful to add the list of blocked sites with a uBlock Origin or Adguard filter?

    @11r20 says: Yeppers, I also use uBlock-original and it’s backed up.

    I “manually” update blocklist’s and AV-security

    The occasional nefarious network IP I capture is kept/listed in ‘2’ firewalls
    and a Piholed-router

    It’s been so enjoyable over the years to run ‘lean’ and ‘quiet’

    11r20 from Texas

    1. John G. said on May 7, 2023 at 7:16 pm
      Reply

      @11r20, oh, now I see that you are from Texas. The good country of the Lone Star that has one of the most interesting History of the whole states of USA, and that proudly shows its dignifying respect to the Six Flags along the time since 1519. Indeed one of the favorites books of my father is “Texas”, by James A. Michener (it’s one of the most fat books I have seen, more than 1020 pages in the 1986 Spanish edition). The book was a gift that a man from Frisco gave to my father in Madrid. Such old times for my young mind.

  2. ilev said on May 7, 2023 at 11:38 am
    Reply

    My Edge Version 113.0.1774.35 (Official build) (64-bit) has Basic, Balanced and Strict modes

    1. John G. said on May 7, 2023 at 1:02 pm
      Reply

      @ilev, probably you need to go below at configuration options. I think that you are writing about the tracking protection. Just seek near the secure DNS configuration, you will see the enhanced security options near there. Edge Version 113.0.1774.35 is the right version for this article.

  3. Anonymous said on May 7, 2023 at 12:13 am
    Reply

    Only about .01% of Edge installations are used as default browsers. MS inflates its stats from desktop search queries and OS calls.

  4. John said on May 6, 2023 at 10:10 pm
    Reply

    Enhanced security drastically slowed the browser performance last time I enabled it. I don’t use Edge anymore, far as I am concerned Microsoft went the wrong direction with Edge implementing too many niche features and bloating up the browser.

    1. John G. said on May 7, 2023 at 12:37 am
      Reply

      @John, same here when visited a “non frequently visited site”, however after reloaded the website two times the website fall down from estric to balanced security and it works with good speed again. It’s due the control of JIT, and where is more noticeable is in website with heavy scripts. Anyway you can add an exception for those websites one by one, and even you can make a general exception for all https://* sites. Also you can add only all the http://* sites to be controlled by the supposed enhanced security (see above the “manage the enhance security for sites” option).

  5. 11r20 said on May 6, 2023 at 7:14 pm
    Reply

    I don’t use Edge or any Windows-browsers at all.

    But when using the latest ‘Blackbird for Windows’ on a locked down Win7-Pro, I noticed it Pings & Blocks a Crap-Ton of ‘Edge-IP’s.

    This should raise enough red flags to avoid ‘Edge’

    There’s also a screenshot on line showing the Blackbird ‘Edge’ Block-list @ https://www.getblackbird.net/blacklist/hosts/

    11r20 from Texas

    1. John G. said on May 7, 2023 at 1:06 pm
      Reply

      @11r20 won’t be more useful to add the list of blocked sites with a uBlock Origin or Adguard filter?

  6. Tachy said on May 6, 2023 at 5:01 pm
    Reply

    Dear readers…

    The “Windows Update Orchestrator prevents windows from sleeping” has come back for me.

    Has anyone else run into this issue on windows 10?.

    I’ve tried adding the following override but it makes no difference.

    powercfg -requestsoverride SERVICE UsoSvc EXECUTION

    I’ve have to disable the service for a temporary fix.

    I am using win 10 pro and do have Quality updates delayed 14 days and Feature updates delayed 180 days.

    I also have the target feature update version set to 22H2.

    1. John G. said on May 6, 2023 at 9:07 pm
      Reply

      @Tachy, hello, have you execute the command “powercfg -requestsoverride SERVICE UsoSvc EXECUTION” under admin privileges? :S Are you sure that the “MoUsoCoreWorker.exe” has no culprit? Simply test: powercfg /requestsoverride process MoUsoCoreWorker.exe execution
      (and see if it is solved). To undo: powercfg /requestsoverride process MoUsoCoreWorker.exe
      (both commands should be executed with admin privileges).
      I hope it will work, this was fine for me with W10 21H1 for a while too, however I don’t remember exactly the version that it was installed.

      1. Tachy said on May 7, 2023 at 4:08 am
        Reply

        @John G

        Thanks for replying.

        Yes I ran the command prompt as Admin. I have it pinned to my start menu and I r-click on it and hover over “more” and click on ‘run as admin’.

        As it did not work I’ve already removed the override.

        I did find a 6 year old workaround, from Martin Brinkmann.

        https://www.ghacks.net/2017/12/03/allow-only-manual-updates-on-windows-10/

        It gives me great pleasure to see the result of the last time the task was ran as “access denied”.

        My PC now sleeps normally again.

      2. John G. said on May 7, 2023 at 12:53 pm
        Reply

        @Tachy, I’m glad you were able to fix the problem! :]

  7. Leopeva64 said on May 6, 2023 at 3:07 pm
    Reply

    Speaking of Edge, just like Google with the Chrome Web Store, Microsoft will also add badges to some of the extensions in the Edge Add-on Store, this was announced some time ago, but the badges have only started showing up since yesterday when visiting the store in Edge Canary (controlled rollout):

    https://redd.it/1392wts
    .

  8. Seeprime said on May 6, 2023 at 3:07 pm
    Reply

    John G: Very nice addition to the article.

    1. John G. said on May 7, 2023 at 12:29 am
      Reply

      @Seeprime thanks! :]

  9. John G. said on May 6, 2023 at 1:41 pm
    Reply

    The enhanced security mode of MS Edge is the worst useless pile of garbage ever done in security, in terms of browsing. The main reason of this is that the only difference between balanced and strict is the “number of visits” that you have done to the site (or even the number of visits that a website received in whatever criteria that I still haven’t found). And this is a real problem, because it’s not decision of the user that can allow or disallow it, as it should be. The different ways of enhanced security consists in the next particular options:

    “This runs the unknown sites without just-in-time (JIT) compilation to provide additional protection. Running without JIT reduces the attack surface, making it more difficult for malicious sites to exploit vulnerabilities. Additional protection includes Windows operating system mitigations such as hardware-enforced stack protection, arbitrary code protection (ACG), and control flow protection (CFG).”

    However this is not true. They are lying because you are really controlling o enhancing nothing at all, because if you visit a website three times the sites is automatically recognized as secure. The same with some local sites that are visited by thousands of persons per day and it automatically is set automatically to “strict” (e.g. my online supermarket). Also this is a pure security placebo because when you clear all cookies (if you use the option to clear them on exit), the next time you visit the “secure” sites they are new again to the browser itself. I don’t know if I have explained my complaints to be understand in a clear way, however I will explain it in another way:

    – The balanced and strict options must clarify what the browser understand for “frequently visited” sites because I can visit one hundred times a site and this doesn’t make secure the site.
    – The user must have the power to decide what they want to protect by default (e.g. JIT, ACG, CFG and so forth) in a new mode that may be named “user mode”.
    – The criteria of “frequently visited sites” should disappear too: it’s useless.

    Thanks for the article.

    1. Sebas said on May 7, 2023 at 1:56 pm
      Reply

      @ John G. Excellent clarification of this gibberish security options and how they – not- work. Never known before. Thank you!

      1. John G. said on May 7, 2023 at 8:41 pm
        Reply

        @Sebas thanks! :]

    2. Nameless said on May 6, 2023 at 4:41 pm
      Reply

      most browsers include gimmick privacy features to make users feel that they are protected…in reality they’re not…there’s no privacy online.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.