Microsoft Edge 100 release: Here’s what’s new
Microsoft released the first three-digit version of its Microsoft Edge web browser on April 1, 2022. Microsoft Edge 100 is available for all supported systems. Like Google Chrome 100, released last week, Microsoft Edge 100 is not a version rich in features and improvements. However, there are some in the Edge 100.
Microsoft Edge automatically installs updates by default. Desktop users can load edge://settings/help to display the current version and run a check for updates. The latest update is automatically downloaded and installed if it is newer than the installed version.
Microsoft Edge 100 is first and foremost a security update. Microsoft rolls out nine Edge-specific security updates in version 100 of the browser. Security updates to Chromium, the core that Edge and Chrome are based on, are also incorporated in the new version.
Microsoft links to only six of the nine security vulnerabilities. None of the six are publicly disclosed or exploited according to Microsoft. Issues have severity ratings of moderate or important.
Microsoft Edge uses the three-digit version number in its user agent string by default. The company notes that problems can arise from this, for example, when using buggy parsers to determine the version number of the browser. Enterprise customers and organizations can use the ForceMajorVersionToMinorPositionInUserAgent policy to freeze the user agent at version 99 to temporarily mitigate the issue.
The option to preview PDF files with Microsoft Edge Web View has been added to Microsoft Outlook and File Explorer. Microsoft notes that the feature is available for local PDF documents opened in File Explorer and for Outlook desktop PDF attachments.
Another PDF-specific change adds support for opening digitally signed PDF documents. Organizations can use the PDF Safe Mode policy to enable digital signature validation for PDF files in the browser without the need to install extensions or plugins.
Microsoft Edge users on Windows 8 or later benefit from hardware-enforced stack protection. Feature requires 11th Gen or newer Intel Core Mobile Processors or AMD Zen 3 Core Processors or newer.
Microsoft employee Jin Lee explained the new feature in February 2021:
This exploit mitigation will protect the return address and will work with other Windows mitigations to prevent exploit techniques that aim to achieve arbitrary code execution. When attackers find a vulnerability that allows them to overwrite values on the stack, a common exploitation technique is to overwrite return addresses at attacker-defined locations to create a malicious payload. This technique is known as return-oriented programming (ROP).
Microsoft 365 Apps protocol activations will now “launch certain Microsoft 365 apps directly” to trusted Microsoft cloud storage services.
Here are the Edge 100 policy updates:
Policy Updates
new policies
deprecated policy
deprecated policy
Now you: ¿usáis Microsoft Edge?
advertising