Microsoft Edge review: Windows finally has a good browser

Google discloses Edge and IE vulnerability
February 25, 2017
http://www.ghacks.net/2017/02/25/google-discloses-edge-and-ie-vulnerability/

 

I don't believe this one has been posted previously?

https://msisac.cisecurity.org/advisories/2017/2017-015.cfm​

 

basically what i keep saying, use safe habits and SUA. So not really a high risk for careful and aware users, but unfortunately most are not, using bad habits inherited since Win98/XP...blame MS for that.

 

For clarification, running as a SUA only minimizes the effects of being infected by this IE and Edge vulnerability. It does not prevent you from being infected from this vulnerability. To prevent being infected, use a different browser until MS patches this vulnerability.

 

Just a post above ( #26 )...........

-------------------
From your link:

 

I see it's been over a year and a half since I posted in this thread. At this point in time, I find Edge to be a horrible disappointment and I would rather use Firefox, Chrome, or IE instead. It's not as fast as it was before they added plugins (I expect that's the reason the released it without them) and it still lacks the tweaks and settings of other browsers. It just seems like an unfinished work, years after its release.

 

I have never used Edge, but from what I've seen and read, I immediately believe you. M$ is known for their crappy browsers. But at least they did try to make their engine faster and more secure, so I hope eventually other browser makers will be able to use this as their framework.

 

Edge has been my secondary browser; nothing more...

 

IE 11 is the default on Windows 7 and one can run Green Browser/Slimbrowser on top of it, third party browsers based on IE's Trident engine.

 

"Microsoft Edge: Most Hacked Browser At Pwn2Own 2017..."

http://www.tomshardware.co.uk/pwn2own-2017-microsoft-edge-hacked,news-55149.html

 

Don't browse much but I've been leery of Edge for the longest. And the correlation with Windows kernel is obvious. So glossily well-marketed, isn't it? But Internet Explorer! Very cool but doomed and add-on-challenged browser. Good for Tencent and 360 Security, that was impressive. Wonder what prizes they got?

Edit: typo

 

Despite all their "efforts", Microsoft Edge: Most Hacked Browser At Pwn2Own 2017. What a joke.

Users don't care what technology a vendor choose to use. All they want is a browser that is extremely hard to be hacked. That's all.

It's laughable to publish a technical article to boast how secure a most-hacked browser is. Made me puke.

 

The article says that this new technology is for Windows 10 Creators Update.

 

Whatever. They also claimed Edge was equal or more safer than Chrome when it was released ~2 years ago. Microsoft is best at touting, but their faces are always slapped by the fact.
IMHO, publishing an article to boast how safe Edge is equals to lack of confidence. If Microsoft is really confident, then let the fact speak - if no one can hack Edge in Pwn2own, then it's 1000 times more convincing that Edge is safe, rather than publishing a useless article talking about what they did. Talk is cheap and useless.

 

Yeah, but who outside of here is gonna know this? The propaganda, excuse me, "news article," will be believed by many who don't see Microsoft for what it truly is: an untrustworthy, money-grubbing monstrosity.

 

People here are funny, they compare a 10 year browser with tons of bug bounties (chrome) with one more recent (Edge) that supposed to replace IE (which is obsolete) ; let compare FF with Edge...
I can say without doubts, Edge is safer than FF... (FF isn't even worth mentioning, "FF is too easy to hack")

And the fact that edge is hacked is good in a certain way, so they can fix the holes the same ways Chrome did before.
Average Joe doesn't care that the browser is hackable or not, only security forum members care; average people want something fast, simple to use and with lot of customization; that is why FF is still popular.

Appcontainer (which is the low-box token) is a sure value , no one can deny it, even Chrome implemented it . Now the devs can't think of all vector attacks , that is why bug bounties are made for.
Then come the marketing, obviously, to put your new browser on top of Chrome or FF , you need lot of marketing , because people use the previous two since ages.

MS is MS we can't change them, they are a giant money-grabber business like Google, Apple and co; business is business , not charity.
I can understand why people dislike MS, but i still wonder, in that case, why they still use it and keep spit on it ...it is pathetic....if people don't like MS, you have alternatives (Linux , Apple, etc...).

 

Sad to hear you are not feeling well.
Once you get better you will notice that Pwn2Own 2017 was on Anniversary Update.
The blog post linked to in post #37 in this thread, are about Creators Update.
The world is moving. Progress being made. Products evolving.

@guest : They sure are.

These browser teams and these researcher teams are all extremely talented people that has their mind wrapped around this 24/7 year in, year out.
The only way to constantly raise the bar, is to have researcher teams constantly hammering at the products.
Patches comes out all year round for all products, exactly due to this.

On security forums on the other hand we have people that has never written a single line of code, but after spending 30 seconds reading a headline then they suddenly possess über-wisdom.
Haters will always be haters.

Is a product bad because a flaw is discovered ? Of course not. Patch and move on.

As one team said after Pwn2Own 2017 - they could have taken down Chrome with exactly the same bug used against Edge.
But due to time constraints and team size having the size it has, they focused on Edge only.

https://mobile.twitter.com/mj0011sec/status/844087167957704704
https://mobile.twitter.com/mj0011sec/status/844087650734686208

Are Chrome or Edge bad due to this ? Of course not. They are both extremely safe browsers.

Yet, haters in forums will always find something to whine about.
What would these people do without the internet ? Yell at one of the ducks on the local pond ??

 

Martin_C: You make good points, as always. I have no dispute with you. You can despise the organization and like/depend on the software it produces. At the same time! Yes, I'm a Microsoft "hater" if you want to keep using that cheap, timeworn hack.. I won't waste anyone's time with long-winded rants and links. All the evidence is no farther than your own Windows machine.

By the way, what assumptions are you operating under? Do you believe you know me from somewhere? I quote you an ancient proverb: When U ASSUME, you make an *** out of U. No idea!

I respect your viewpoints. I have no need for you to respect mine.

Adios!

Edit: I can't resist. I look at your posts in a gestalt kind of way (I don't read them or certain others.) They are so well-done, polished, and yes, very professional. I can see where some paranoid and vulnerable organization would find someone with such skill useful in trolling the various forums and doing some real "damage control." Yeah! Conscript some like-minded cronies in same forum and you have a force to be reckoned with. Wow! Maybe it even puts some nice change in one's pocket. You'd be better off selecting more worthy adversaries. Go and find them.

Have a nice day!

 

You can't assume that everyone that doesn't like a product hates the whole company. I'm no fan of Edge or Defender. I would like to be, but I don't feel that those products are good enough (at least yet) for me to like them. That said, products like Windows and Office have no equal. I think it's fair to call out a product that you feel misses the mark without hating the company that makes it. If you don't, nobody will bother to improve it. Edge may be my browser some day, but at this point I am with the folks that aren't yet impressed.

 

No, this is not my point, not liking a product is fine , but constantly bashing a company and keep using their product is nonsense to me. (i focus no one in particular here but the general "anti-MS" trend bashing every MS product/features while they have no clues of what they are saying, but keep using those)

 

Why justify a stand when there is already abundant common (and not so common) knowledge? Personal experiences also carry far more weight than crafted posts that stink of multiple agendas or endless cries for attention. One is saying free speech and membership to this forum should only be reserved for those who "code" and claim to be uber-knowledgeable and correct 100% of the time? Wow, is that a human being?

Always listening to true-blue perspectives when it concerns Microsoft, regardless of point of view. And I have something else of great value: a really good filter.

 

I think people are being too negative, it's clear to me that Edge is already quite secure, same as Chrome, but these type of hacks can not always be prevented. M$ is doing a good job with Edge when it comes to security, but usability that's a whole other story, that's were the real problem lies.

 

wow, such an arrogant figure.

What do you think the value of a coder is? It's because someone else who don't code can use a coder's product for various purposes. If everyone can code, a coder is then not a profession. People who don't code but use your product are the reason why you can make a living. Now you are pissed because your patrons criticized your work, and saying people who don't code does not have the right to criticize a coder's work.

I bet you are not a good coder, because your logic appears terribly flawed. In your logic, a driver can not complain any flaws of a car, because the driver don't make anything used to build the car nor did he build the car. All movie critics should just shut up because they did not make or appear in the movie. Food critics can not say anything bad because he did not cook the food or produce the ingredients.

Bottom line: no one cares about how brilliant you think yourself is, nor care about what details you produce your code. When your product are the easiest target and was hacked 5 times in a couple of days, it doesn't really matter whether or not a critic can code or not. It's so obvious that anyone who is not a moron will see what the truth is.