Why Consumers Won't Get Microsoft's New Edge Browser Security Tool
No matter who you are, your web browser is a major attack vector used by hackers to get at your data. So why is Microsoft only giving its new security tool for Edge browser to Enterprise business customers?
Windows Defender Application Guard (announced yesterday, Sept. 26, at Microsoft's Ignite conference) is coming in the next major update to Windows 10, and uses Microsoft's Virtualization Based Security (VBS) to keep Edge away from the operating system. If a malicious site infects the browser, that malware has no way to spread to the underlying operating system and apps.
This process is also called sandboxing, a method Apple uses to keep apps sold in its online stores from harming its iOS and macOS platforms. App Guard will do this differently, by isolating the browser into a hardware-based virtual machine.
Unfortunately, building App Guard around VBS makes it unfit for consumers. First of all, virtualized sites can't store cookies between sessions; closing the browser clears all of your cookies, so you'd have to re-login every time.
Secondly, as users of most virtualization software can tell you, it hampers performance. Many consumers probably wouldn't appreciate their PC suddenly losing its speed, and would possibly trade this level of protection back in exchange for normal performance.
Lastly, not all laptops support VBS, as it requires an Intel VT or AMD-V capable processor. So, even if you would agree to all of those issues, your computer probably couldn't run it.
We hope, though, that Microsoft finds a way to bring this level of safety to the average consumer. It would be a major reason to use Edge, which could use one.