We are excited to announce the release of the security baseline for Microsoft Edge version 128, designed specifically for enterprise environments. This latest iteration of Edge brings enhancements to ensure robust security measures are in place, tailored for both technical and non-technical users.

Updated Settings

In this version, the security settings have undergone a careful review, resulting in the addition of two new settings and the removal of two outdated ones. The latest security baseline package for Microsoft Edge is now accessible through the Security Compliance Toolkit.

Dynamic Code Settings

New to this version is the inclusion of Dynamic Code Settings. This feature forms part of our ongoing strategy to thwart potentially harmful third-party code interactions with the browser by leveraging Arbitrary Code Guard. After browser initialization, any third-party attempts at code injection will be blocked. Enterprises should test this setting with a smaller group of users initially to assess any potential compatibility issues, particularly where third-party code is vital for accessibility.

Application Bound Encryption

With the rise in InfoStealer attacks, which aim to siphon off sensitive data, a new feature to enable Application Bound Encryption has been introduced. This setting links encryption from local data storage directly to Microsoft Edge, offering increased protection against attempts by malicious applications to access encryption keys.

Deprecated Settings

Two settings have been deprecated in this release:

• Microsoft Edge\Enhance images enabled
• Microsoft Edge\Force WebSQL to be enabled

This version introduces seven new computer settings and seven new user settings. To aid in navigating these changes, a comprehensive spreadsheet detailing these new settings is included in the release package.

For complete documentation on available settings for Microsoft Edge and Microsoft Edge Update, visit the following resources:

• Microsoft Edge Policies
• Microsoft Edge Update Policies

We encourage continuous feedback and engagement through the Security Baseline Community or by sharing comments directly on the announcement post.

For more details, visit Microsoft Tech Community.