Windows Defender Application Guard isolates the browser, making Windows 10 Enterprise PCs harder to hack.
Microsoft is giving its Edge browser a security boost with Windows Defender Application Guard for Windows 10 Enterprise.
Other browsers use software-based sandboxes to stay segregated from sensitive areas of the PC, but they “still provide a pathway for malware and vulnerability exploits,” Senior Vice President Yusuf Mehdi wrote in a blog post.
Redmond’s system uses virtualization-based security technology to protect its browser against malware, viruses, vulnerabilities, and zero-day attacks.
A hardware-based container isolates Edge to prevent malicious code from spreading across a corporate network.
Even if an untrusted site successfully loads malware, Mehdi explained, it “is unable to reach beyond the isolated container.” Close out of the browser, and “any malware is erased, preventing further attacks.”
“This level of protection has never been more important, as the majority of attacks start in the browser,” Mehdi said.
The program will be available to Windows Insiders in the coming months and roll out more broadly next year.
In March, Microsoft announced Windows Defender Advanced Threat Protection, which helps enterprises detect, investigate, and respond to attacks. Redmond this week introduced the ability to share intelligence across WDATP and Office 365. Plus, Office 365 Advanced Threat Protection will be extended to Word, Excel, PowerPoint, SharePoint Online, and OneDrive for Business.
The news comes as Microsoft announced Windows 10 is now running on 400 million active devices.
That’s up from the 300 million counted in early May, helped along by the free OS upgrade available at the time to those on Windows 7 and 8.1.