Microsoft has just announced that a new major update is coming for Windows 10 sometime in 2017 and that it will run Edge in a virtual machine. This will make Edge safer for use because it’s far more complicated for a hacker to exploit or attack a browser that runs in a virtual machine.
The update is called Windows Defender Application Guard for Microsoft Edge and it simply continues the security additions for Windows 10 that are now virtual machine-based which were first presented a while ago along with the OS.
This virtual machine based security policy essentially uses small virtual machines and a hypervisor to isolate specific processes or important data from the rest of the System. For example, there is the Credential Guard which keeps the network credentials and password info in a virtual machine that is isolated from everything else. As a result, that specific data is safe from the very common MimiKatz tool that harvests it. And even if a hacker does get the private info from a network, the fact the data is isolated in a virtual machine stops him from using it on other virtual machines in that system.
Before Edge gets the upcoming virtual machine update, it should be noted that the browser is pretty safe, in the sense that it’s running a secure sandbox that has limited access to the rest of the processes so again, any hacker that would steal data from the browser, would most likely not get past the sandbox.
When the update comes out, the Guard will only apply to the Edge Browser but some analysts suggest that Microsoft should design some similar protection programs for other, third-party apps. Lastly, this virtual machine-based security function more than likely requires some performance costs and we will probably find out soon enough what those are.