Microsoft Edge’s Super Duper Secure Mode lands in Settings
Microsoft unveiled a new security feature called Super Duper Secure Mode in the company’s Microsoft Edge web browser about two weeks ago. Super Duper Secure Mode is an experimental feature to make the browsing experience more secure. The name is not final and it is possible that the feature will never land in Microsoft Edge stable.
Microsoft targets the Just In Time (JIT) compiler with the security feature and introduces security mitigations at the same time. Research on JIT shows that it was responsible for nearly 45% of CVEs (Common Vulnerabilities and Exposures) in 2019, and that attacks abuse bugs in the compiler in more than 50% of the cases that are “in the wild”.
Disabling JIT would reduce attacks by a significant margin right away, and it would pave the way for security mitigations that cannot be enabled in the browser while JIT is enabled.