Just last week Microsoft released a newer version of their Chromium Edge, the Edge v88. They have now released their security baseline to make it more secure for their users and easier for the sysadmins to implement browser security across their network when using Microsoft Edge.
Security Baseline is Microsoft’s recommended set of configurations to make the product more secure. Speaking of security baselines for Microsoft Edge, the new baselines include a few more recommendations from Microsoft.
We recommend that you download and install this baseline as it helps make your communication over the Internet more secure while using Microsoft Edge.
Let’s discuss what security improvements have been made and how you can install this Edge Security Baseline.
What’s new in the Security Baseline for Microsoft Edge v88
Only one security setting has been added to Edge v88. Having said that, this single security vulnerability is enough for a hacker to infiltrate your network by hijacking your communication over the internet.
Basic HTTP authentication
Edge 88 now enables you to disable the basic authentication protocol over HTTP. HTTP Basic Authentication is a non-secure authentication mechanism that involves sending a username and password to a destination in plaintext. Someone over the network can be listening to this information and could easily access this sensitive information. Hence, Microsoft recommends disabling this feature in Edge 88.
With version 88 we now have that ability and are recommending the disablement of basic authentication over HTTP. Disabling Basic Authentication over HTTP falls in line with our other security baselines where we disable this method.Microsoft
This feature has been available for Internet Explorer 7 and above for quite some time. It is also available on Microsoft Edge. Installing this Security Baseline will disable Basic Authentication over HTTP and make your data more secure. The path for this Group Policy is:
Administrative Templates -> Microsoft Edge -> HTTP authentication -> Allow Basic Authentication for HTTP
Download and Install Security Baseline for Microsoft Edge v88
Use the guide below to download and install the new Security Baseline for Microsoft Edge. You can also select all the features in the Microsoft Security Compliance Toolkit as per your requirement.
- Open the page for Microsoft Security Compliance Toolkit 1.0. Scroll down and then click on Download.
- Check the box next to Microsoft Edge v88 Baseline.zip (and any other baselines you may require) and then click Next.
- Your download should now begin. When downloaded, extract the files.
- When extracted, navigate to the following location within the extracted folder:
Microsoft Edge v88 Security Baseline FINAL -> Scripts
- Now right-click Baseline-LocalInstall and click on Run with PowerShell from the context menu.
If you want to run the baseline for Active Directory, then you should run Baseline-ADImport script.
- The script will now run automatically. Wait for the PowerShell window to close on its own
You have now successfully installed the latest security baseline for Microsoft Edge v88.
Installing the Security Baseline for Microsoft Edge isn’t compulsory, but it sure is recommended, not just by Microsoft, but by us as well. It is always better to be safe than sorry. Hence, ensuring that your information and communication with other devices over the internet is secure is a mechanism to be safe.
You can install the Security Baseline if you are a frequent user of Microsoft Edge. If you haven’t updated to version 88, here is a guide on how to do so.