Microsoft has planned a large no. of changes and new features to be released with Windows 10 Creators Update. They bringing more improvements and a set of new features to Microsoft Edge too. To be specific, they are strengthening the Microsoft Edge Sandbox to make Edge more secure and keep it protected against hackers.
Microsoft aims to avoid any future Edge and Internet Explorer security flaw. Microsoft wants to strengthen Edge to block against Remote Code Execution (RCE) attacks. Microsoft Edge Sandbox is the next security measure coming to Edge in the Windows 10 Creators Update.
Take a look at current Microsoft Edge Sandbox app container model:
With the Windows 10 Creators Update, Microsoft plans to implement some new Edge sandbox security measures to make it harder to exploit sandbox vulnerabilities. Using a tightened Microsoft Edge content process sandbox model will make it harder to exploit vulnerabilities.
Here are some of the benefits of the upcoming improvements:
- 100% reduction access to MUTEXes: allow a process to lock up a resource, causing hangs.
- 90% reduction in access to WinRT and DCOM APIs: this is the large win
here, dramatically reducing Microsoft Edgeâ€™s attack surface against the
WinRT API set.
- 70% reduction access to events and symlinks: symlinks are especially
interesting, because they are often used in creative bait & switch
attacks to escape sandboxes.
- 40% reduction in access to devices: Windows supports many device
drivers, and their quality is somewhat beyond Microsoftâ€™s control. The
tuned sandbox cuts off access to any device that Microsoft Edge does not
explicitly need, preventing attackers from using vulnerabilities in
device drivers to escape, or from abusing the devices.
These improvements will make it harder for hackers to exploit Microsoft Edge by increasing the time and effort needed to break Microsoftâ€™s security measures.
Are you excited for Windows 10 Creators Update and all the new features coming with it? Comment below and let us know.
Stay tuned for more.
Source: On MSFT