The "Microsoft Edge 96" stable version (V96.0.1054.29), released on November 19, US time, has been added secretly.Johnathan Norman, the lead at Microsoft Edge Vulnerability Research, has revealed on his Twitter account.
"Super Duper Secure Mode" (translation: very security mode) is a JavaScript operation mode that simply cut off the performance and swing it all to security.
The JavaScript engine "V8", which is equipped with "Chromium" (an open source web browser based on "Edge"), uses a complex technique called "JIT" to enhance the performance as much as possible.There is.However, this is less effective depending on the situation, and the implementation is complicated, and it is an obstacle to introducing strong security easing measures such as CET, ACG, and CFG to the rendering process.
The concept of this security mode is to give up JIT and solidify "Chromium" with the latest security instead.Performance will drop a little, but it will be useful in an environment where security is handled, such as handling confidential information.
The "SUPER DUPER SECURE MODE" of "Edge 96" can be enabled by turning on the [enabled security reduction measures and realizing a safer browser experience] function.(Initial settings are "balance" mode that also takes compatibility)."Strict" is a mode that emphasizes security over compatibility, and also matches users and situations who want "Super Duper Secure Mode".The Function that enables security reductions and realizes a more secure browser experience can be set in the [privacy, search, service] section (edge: // settings/privacy) on the setting screen.
設定画面の[プライバシー、検索、サービス]セクション(edge://settings/privacy)He states that "Super Duper Secure Mode" will be used on Wasm (Webassemble).
Apology and Correction: At the beginning of the article, I mentioned that "Super Duper Secure Mode" is incorporated in the "strict" mode of tracking prevention function, but correctly [enables security reduction measures.It was a "strict" mode of the "realization of a safer browser experience."I apologize and correct it.