Unsecured web browsers are a key vector used by malware distributors and threat actors. So, it’s unsurprising that browser developers are constantly looking for ways to protect users. If you’re a member of Microsoft’s Enterprise business service and are in the Fast Ring test group then you’ll get access to Windows Defender Application Guard. This is a sandbox that keeps the browser window isolated from the rest of your computer’s resources.
TechRadar reports that Edge will run inside its own virtual machine that’s based on Hyper-V, keeping it apart from the rest of the operating system’s resources. When the browser session ends, all data pertaining to the session is lost. So, as well as killing off any potential nasties, browser cookies and other saved data also disappears. That could be a pain for many users.
They have dubbed it “malware proof” – which is probably like waving a red rag in front of the hacker bull.
I’ve been following infosec for a while now and virtualisation has long been considered a key part of thwarting malware attacks. If a VM is infected or attacked, it can be shutdown or deleted without, in theory, affecting the rest of the server environment. Using VMs or application containers has been discussed for a while but we now have computers that are powerful enough to manage the load of multiple VMs running concurrently.
There’s more information on Windows Defender Application Guard on the Windows Blog.