As Microsoft reveals more about their upcoming products, it's new web browser is said to be more secure than its Internet Explorer (IE) predecessor by doing away with legacy browser technologies where hackers usually inserting malicious code to hack computer systems or steal confidential information.
As mentioned in its official developer blog, Microsoft edge will no longer support VML, VB Script, Toolbars, Browser Helper Objects (BHOs), or ActiveX. When the company introduced ActiveX in 1996, third-party developers are given the chance to create different web content but with no protection.
Some of these include Flash, Java, Silverlight and PDF plugins. The vulnerability of these extensions made IE susceptible to attack and gave hackers a window of opportunity to steal sensitive information or data through the browser.
But it doesn't mean the new browser will loose Flash compatibility. Instead, it and other widely-used plugins will be imbedded within Microsoft Edge.
Users can also say goodbye, hopefully, to search toolbars which fall under the BHO extension model.
Microsoft is planning to create a modern HTML/JavaScript-based extension model that developers can use to create extensions for Edge. This model is said to be more secure since the extension will have limited access to controls so taking over the system may not be possible.
Mozilla, Apple, Opera and Google browsers currently use the HTML/Javascript model in their browser extension.
The use of HTML5 is also a better option since content will be interoperable with other browsers which also reduces the need for additional plugins.
In addition, Microsoft, according to Mashable, will be putting "49 new major features and 4200 browser interoperability features" in Edge.
Part of this feature is perhaps how Microsoft Edge is seen as a Universal Windows App. It may be possible that Windows Update may be removed and updates are now access at the Windows Store.
Security-wise, this also meant that the browsing sandbox app in IE7 for Windows Vista is a default feature.
The App Container Sandbox give less privilege to the web content that it renders which provides a level of protection to users in case a malicious site inserts a bug to Edge or to a plugin. Any attack will be placed in that box without full access to the system or any sensitive user information.
In addition, Microsoft Edge will support the SmartScreen feature in IE8. It blocks phishing sites that will fail a reputation check and blocks malicious software from socially-engineered downloads.
