On April 1, 2022, Microsoft published the first three-digit version of its Edge browser. Microsoft Edge 100 is compatible with all platforms. Microsoft Edge 100, like Google Chrome 100 launched last week, is light on new features and upgrades. But there are in Edge 100.
Microsoft Edge automatically updates itself. Download the latest version and check for updates at edge:/settings/help. If the installed version is newer, the current update is downloaded and installed.
Microsoft Edge 100 is primarily a security upgrade. Microsoft has released nine security fixes for Edge in version 100. The latest version includes security fixes for Chromium, the core on which Edge and Chrome run.
Microsoft only connects to six of the nine security flaws. Microsoft claims none of the six are public or abused. The difficulties are moderate or important in intensity.
Microsoft Edge’s user agent string defaults to a three-digit version number. Problems may arise, for example, when buggy parsers are used to determine the browser’s version number. Enterprise clients and organizations can utilize the ForceMajorVersionToMinorPositionInUserAgent policy to temporarily fix the problem.
Outlook and File Explorer now allow you to examine PDF files using Microsoft Edge Web View. Microsoft says the capability works with local PDF files and Outlook Desktop PDF attachments.
Opening digitally signed PDF documents is now supported. This policy enables digital signature validation for PDF files in the browser without the need to install extensions or add-ins.
Hardware-enforced Stack Protection is available in Windows 8 and later. This functionality needs Intel Core Mobile 11th generation or AMD Zen 3 Core CPUs.
As described by Microsoft employee Jin Lee in February 2021:
This mitigation protects the return address and works with other Windows mitigations to prevent unauthorized code execution. When an attacker discovers a flaw that allows them to overwrite values on the stack, they frequently overwrite return addresses into malicious payload locations. This is called return-oriented programming (ROP).
“Launch certain Microsoft 365 applications directly” on trusted Azure cloud storage services.
Here are Edge 100’s policy updates:
- AdsTransparencyEnabled – Configure if the ads transparency feature is enabled
- DefaultWebHidGuardSetting – Control use of the WebHID API
- HideRestoreDialogEnabled – Hide restore pages dialog after browser crash
- PDFSecureMode – Secure mode and Certificate-based Digital Signature validation in native PDF reader
- PromptOnMultipleMatchingCertificates – Prompt the user to select a certificate when multiple certificates match
- WebHidAskForUrls – Allow the WebHID API on these sites
- WebHidBlockedForUrls – Block the WebHID API on these sites
- BackgroundTemplateListUpdatesEnabled – Enables background updates to the list of available templates for Collections and other features that use templates
- AllowSyncXHRInPageDismissal – Allow pages to send synchronous XHR requests during page dismissal