New Delhi – Microsoft is working on a new feature called ‘Super Duper Secure Mode’ that will make its Edge browser more secure.
The new mode will turn off certain optimisations that will not let hackers exploit bugs in the browser.
“It will take some time, but we hope to have CET, ACG, and CFG protection in the renderer process. Once that is complete, we hope to find a way to enable these mitigations intelligently based on risk and empower users to balance the tradeoffs,” Microsoft said in a blog post.
The mode turns off a feature of Edge’s JavaScript engine meant to make a website’s code run faster.
“This is, of course, just an experiment; things are subject to change, and we have quite a few technical challenges to overcome. Also, our tongue-in-cheek name will likely need to change to something more professional when we launch as a feature,” the company added.
The company said it hopes is to build something that changes the modern exploit landscape and significantly raises the cost of exploitation for attackers.
“Mitigations have a long history of being bypassed, so we are seeking feedback from the community to build something of lasting value,” said Microsoft.
JavaScript engine bugs are a mainstay for attackers for a variety of reasons; they provide powerful exploit primitives, there is a steady stream of bugs, and exploitation of these bugs often follows a straightforward template.