Security baseline for Microsoft Edge v95

This post has been republished via RSS; it originally appeared at: Microsoft Tech Community - Latest Blogs - .

We have reviewed the settings in Microsoft Edge version 95 and updated our guidance with the addition of 2 settings. A new Microsoft Edge security baseline package was just released to the Download Center. You can download the version 95 package from the Security Compliance Toolkit.

 

Enable browser legacy extension point blocking

To improve reliability and security, this new setting blocks certain code injections from legacy third-party utilities. This setting is enabled by default and will be enforced with a value of ‘enabled’ in the baseline.

 

Specifies whether the display-capture permissions-policy is checked or skipped

This setting exists as a temporary compatibility mitigation to allow web applications using the getDisplayMedia() API to bypass a permission policy check required by the API specification. This setting is enabled by default and will be enforced with a value of ‘enabled’ in the baseline until version 100, when this setting will become deprecated and the setting will be permanently enabled.

 

Microsoft Edge version 95 introduced 11 new computer settings, 11 new user settings, and removed 3 settings. We have included a spreadsheet listing the new settings in the release to make it easier for you to find them.

 

As a friendly reminder, all available settings for Microsoft Edge are documented here, and all available settings for Microsoft Edge Update are documented here.

 

Please continue to give us feedback through the Security Baseline Community or this post.

REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.