In August, Microsoft Edge Vulnerability Research Lead Jonathan Norman announced that his team is working on a “Super Duper Secure Mode” for Microsoft Edge. With the release of Edge 96. 0. 1054. 29 on the stable channel, this feature has been quietly added to the browser and is now generally available.
What is Super Duper Secure Mode?
But before we move on to how to enable SDSM – it comes off by default – it would probably make more sense to know what it actually is. While Norman explains this in great detail in his blog post, it’s worth summarizing some key points. However, if you want to dive into the details, you can check out the blog post mentioned above.
Most JavaScript engines, such as V8, use a performance-enhancing technology called Just-In-Time (JIT) Compilation. As the name might suggest, this technology enables engines to translate poorly written JavaScript code into machine code before it’s actually needed. Unfortunately, while this process clearly provides significant performance gains, it also opens up some security vulnerabilities for malicious actors to target. Data from Common Vulnerabilities and Exposures (CVE) shows that 45% of what has been published for V8 include speculative optimization of JIT as the culprit. Similarly, a study from Mozilla highlights that almost half of the 0-day exploits in Chrome come from JIT errors.
So, what Microsoft recommends is to disable JIT completely in Edge via SDSM. The company emphasizes that many security processes cannot be enabled, such as hardware-based mitigation called Intel’s “Controlflow-Enforcement Technology” (CET).
Arbitrary Code Guard (ACG) suffers the same fate. Disabling JIT means these mitigations can now be applied, reducing the attack surface. Microsoft claims that around 50% of V8 bugs that need to be patched will be left as is, and consumers won’t be bothered by the frequent patches and updates.
How to Enable Super Duper Secure Mode?
If you’re interested in the additional security benefits at the expense of slightly reduced performance, you’ll probably want to learn more about how to enable SDSM in Microsoft Edge. Fortunately, it’s a simple process. . .
If the version is correct, now open the Security page (use the search bar in the left pane or alternatively go to Privacy, search & services) and scroll down to the bottom where you will see the “Enable security toggles for a safer browsing experience” option. From here, enable the corresponding option.
When you enable it, you will see two options, Balanced and Solid. Microsoft clearly and briefly outlines the differences between both options. The former will apply to sites you rarely visit, while the latter will apply to all sites.
Microsoft also warns that enabling any of the options may result in parts of the website not working; so keep that in mind.
You also have an “Exceptions” option at the bottom.
42654
