back to article Microsoft tightens Edge security for less visited websites

Microsoft wants to make it safer for Edge users to browse and visit unfamiliar websites by automatically applying stronger security settings. The new feature is part of a number of security updates in version 104.0.1293.47 announced this month that are designed to reduce the risk for the five Edge users users as they move …

  1. WolfFan

    Please stop saying

    That there are only five Edge users. There are probably as many as ten, possibly even a dozen.

    1. veti Silver badge

      Re: Please stop saying

      According to StatCounter, it's the third most popular browser behind Chrome and Safari - ahead of Firefox, Samsung and Opera.

      And please nobody say "people need to use it once to download a proper browser", because that's obvious, hackneyed, silly and untrue. I repeat, Edge gets more day-to-day usage than Firefox. It deserves some respect.

      1. steviebuk Silver badge

        Re: Please stop saying

        I'd argue its only because its forced on users. Especially with the default browser randomly getting reset to Edge.

        Windows 11 got pushed out to our machines at work which I was annoyed about as we hadn't set up policies yet. One install I set Chrome as default browser and rebooted. Logged back in and Edge had decided to set itself back as default.

        We aslo have the period when MS were making it a lot more difficult to change the default browser.

        Essentially everything they are doing for Edge is very similar to their anti trust in the late 90s and they really need to be hit again with another one.

        1. Captain Scarlet

          Re: Please stop saying

          Ah yes until you go to Google and you get the "USE THIS BROWSER ITS SAFER" plastered everywhere.

          My biggest issue is people randomly clicking stuff, most people don't even know what Google Chrome is.

    2. Anonymous Coward
      Anonymous Coward

      Re: Please stop saying

      Edge is now the default we use on remote desktop environments. Supports all Chrome extensions, renders sites the same as Chrome, has a smaller memory footprint and has IE mode for the old sites that are still in use now the IE is EOL. Can be managed via GPO.

  2. Spoonsinger

    That's a nice little website you have there,

    shame if we made it annoying to access via our software. Maybe if you use our new $$$ a month verification product you too can be a popular site and not an annoying site.

    1. veti Silver badge

      Re: That's a nice little website you have there,

      You need a dominant market position to swing that kind of thing. 15 years ago, maybe Microsoft could have pulled off something like that. But now? - the big hit would be on the popularity of their browser, not the website.

      1. EnviableOne

        Re: That's a nice little website you have there,

        like their dominant position in the OS market...

  3. OhForF' Silver badge

    Disabling JIT?

    Unless they do something similar to NoScript most of the scripting attack vectors are still there.

    I am aware that NoScript is probably a bit too much hassle for non technical users as half the web sites display something along the lines of "please enable scripting, this site depends on it" and another quarter simply displays a blank page.

    I still wonder why no browser allows to block scripts by default but allow them for specific sites in a session in a simple way like NoScript for advanced users.

  4. Anonymous Coward

    Good for Microsoft

    As one of the five Edge users (because some of the sites I access require a Chromium browser) I appreciate the auto blocking o JIT.

    I also appreciate that I can install uBlock Origin, block tracking cookies, and disable permissions.

    And as far as "I still wonder why no browser allows to block scripts by default but allow them for specific sites in a session in a simple way like NoScript for advanced users."

    Edge allows you to block the Javascript permission and add individual sites to the Allow list.

    It's not enough to pry me away from Firefox but anyone still using Chrome should switch.

    1. Anonymous Coward
      Anonymous Coward

      Re: Good for Microsoft

      It's good for Microsoft, but not good for users as Microsoft joins the vast swath of companies that want to become gatekeepers of what you watch online. I'm guessing websites listing all their CVEs and other critiques will somehow magically become much harder to use, for instance.

      1. veti Silver badge

        Re: Good for Microsoft

        If anything becomes "much harder to use", people will simply switch browsers. It's not 2005 any more, people are aware of the existence of other browsers now.

  5. FrogsAndChips Silver badge

    Sounds like NoScript for dummies

    Works a bit like NoScript or similar extensions (block scripts unless users manually authorizes or adds the site to a whitelist), so seems like a step in the right direction.

    What I can't figure out, and the MS doc isn't clear about this, is how sites are categorized into 'popular', 'unfamiliar', 'less visited'. Is it just based on the user's browsing history (the first time I visit, it will be considered 'unfamiliar'), or does MS maintain a list of more or less visited sites globally? Do they also maintain a list of untrusted websites?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like