Microsoft releases Windows Defender Application Guard extensions for Chrome and Firefox

Discussion in 'sandboxing & virtualization' started by guest, Mar 16, 2019.

  1. guest

    guest Guest

    Microsoft releases Windows Defender extensions for Chrome and Firefox
    The add-on will still use Edge to open untrusted URLs, though
    March 16, 2019

    https://www.engadget.com/2019/03/16/windows-defender-extensions-chrome-firefox/
     
  2. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
    Hasn't this been out for Chrome for like... 8 months at least?
     
  3. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,871
    for testing purpose only? currently its not usable on any windows 10 if some dont use insider.
    and when ready its only usable with 1803 or higher, and only pro/enterprise.
    it will contain and produce bugs like any other antivirus vendor had in the past, promised.
     
  4. guest

    guest Guest

    No, I believe you are mistaken it with the WD chrome extension.

    Edge on Win10 Pro/Ent. has this feature that ran it "fully" sandboxed (on top of appcontainer) which discard accumulated datas when exited.
     
  5. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
    Ah! That's probably it!

    Looking forward to seeing if Chrome itself will be able to use WDAG (Horrible name btw) seeing as Edge is switching to Chromium.
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    Another article on the subject:
    https://betanews.com/2019/03/16/windows-defender-application-guard/
    I would think this would open Microsoft to lawsuits if it was used as an exploit to escape Edge and infect your system where your 3rd party browser may have been safer. There may be situations where Edge is the safer option, but nothing is an absolute.
     
  7. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
    Hehe, sounds like a load of carp to me. Nevertheless, it's incredibly unlikely that WDAG will be penetrated.
     
  8. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    That's what they said about <insert any previous technology here>.
     
  9. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
    To my knowledge, there has never been a 0-day in the wild for WDAG. 0-days for Chrome appear every once in a while, for comparison.
     
  10. guest

    guest Guest

    Microsoft Brings Hardware-Based Isolation to Chrome, Firefox
    March 24, 2019
    https://www.securityweek.com/microsoft-brings-hardware-based-isolation-chrome-firefox
    Microsoft blog entry: New browser extensions for integrating Microsoft’s hardware-based isolation
     
  11. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    487
    Location:
    VPN city
    I'm confused. Aren't ALL windows metro apps run sandboxed in the app container already? I've racked my brain google'ing for a straight answer to this question, but I can't find any information about this that doesn't just repeat what I'm already aware of.

    I was under the impression that all versions of windows 10 ran all metro apps in the app container.

    Three big questions I need the answer to:

    1. Are microsoft edge and all other metro apps run sandboxed already in windows 10 home edition 64 bit?

    2. If not, how do I enable it?

    3. Once enabled, what do I do to clear the container?
     
  12. guest

    guest Guest

    From what I read, Application Guard is Appcontainer on steroids. More like an app-based "shadow defender"
     
  13. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    487
    Location:
    VPN city
    So...is that a "yes" or a "no" to my first question? For windows 10 home
     
  14. guest

    guest Guest

    Normally all metro apps are running into Appcontainer, you can check if it the case by running Process Explorer and enabling the "integrity level" column.
     
  15. guest

    guest Guest

    Application Guard is on pro or enterprise version. I downloaded the Edge/3rd party browser add-on but it seems to use the Defender Sandbox which Is known to have an internet connectivity issue,so Edge if App Guarded couldnt connect.
     
  16. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    487
    Location:
    VPN city
    Thankyou! Finally! A straight answer to the question I actually asked!
    You wouldn't believe how many articles I found on google that all had a title promising an answer to that question only to have the content of the article go on and on about what the app container does, instead of whether or not it's currently doing anything
     
  17. guest

    guest Guest

    If you check with Process Explorer, the column will show "appcontainer". I usually check any metro app I download, in case of.
    MS is known to change stuff or give app devs some "liberties".
    The original goal of Appcontainer was to implement a secure app model (aka limiting the apps to only the needed areas for it to function as intended) , all devs have to follow this model if they wanted to develop a metro app.
     
  18. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    487
    Location:
    VPN city
    Oh that's lame. They should only ever increase their standards of safety and security. They should never lower it by allowing devs to do something like that.

    Someone needs to make a utility that monitors metro apps to make sure they're running in the app container.
     
  19. guest

    guest Guest

    Process Explorer, the equivalent of Process Hacker. Anyway, most people won't care or even know about Appcontainer.. So...Sooner or later the app store will disappear, it was made to be used as cross-platform by phone using Windows Mobile. Since MS phones are dead, the app store has no real value.
     
  20. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    487
    Location:
    VPN city
    There's still some games on there that aren't too bad. Although, the servers that hosted those games aren't online anymore as far as I'm aware.
     
  21. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,874
    If your device isn't compatible, you'll have to modify the registry to allow the Microsoft Windows Defender Application Guard to run:

    HKLM\software\Microsoft\Hvsi\SpecRequiredMemoryInGB


    HKLM\software\Microsoft\Hvsi\SpecRequiredProcessorCount

    This will lower the optimal amount of RAM to enable Microsoft Windows Defender Application Guard in the optional Program Windows Features settings.

    Set the new 32 D values to 1.

    Then head to Programs, click Windows Features, put a check beside Microsoft Windows Defender Application Guard, let it install necessary files, reboot when asked.

    On reboot, open your browser, install the extension and head to the Microsoft Store to install the companion Microsoft Windows Defender Guard App.

    It should now protect your browser from malware.

    The above steps are necessary because in Windows 10/11 WDAG isn't enabled by default.
     
    Last edited: Oct 24, 2021
  22. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    Kinda surprised to see this discussion still going. These were probably the most useless browser extensions ever created.
     
  23. Melionix

    Melionix Registered Member

    Joined:
    Jun 22, 2020
    Posts:
    111
    Location:
    Earth
    I'm sure there are dozens of businesses out there that depend on these extensions for security.

    Mine, however, is not one of them.
     
  24. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    They don't do anything but open Microsoft Edge. If a business was of the opinion that doing so was the most secure option then they would allow nothing else.
     
  25. Melionix

    Melionix Registered Member

    Joined:
    Jun 22, 2020
    Posts:
    111
    Location:
    Earth
    It opens Microsoft Edge in Application Guard, which is infinitely more secure than any web browser outside of Application Guard.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.