Microsoft releases Windows Defender Application Guard extensions for Chrome and Firefox

Discussion in 'sandboxing & virtualization' started by mood, Mar 16, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    15,965
    Microsoft releases Windows Defender extensions for Chrome and Firefox
    The add-on will still use Edge to open untrusted URLs, though
    March 16, 2019

    https://www.engadget.com/2019/03/16/windows-defender-extensions-chrome-firefox/
     
  2. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    408
    Hasn't this been out for Chrome for like... 8 months at least?
     
  3. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    2,892
    for testing purpose only? currently its not usable on any windows 10 if some dont use insider.
    and when ready its only usable with 1803 or higher, and only pro/enterprise.
    it will contain and produce bugs like any other antivirus vendor had in the past, promised.
     
  4. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    6,149
    Location:
    Europe then Asia
    No, I believe you are mistaken it with the WD chrome extension.

    Edge on Win10 Pro/Ent. has this feature that ran it "fully" sandboxed (on top of appcontainer) which discard accumulated datas when exited.
     
  5. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    408
    Ah! That's probably it!

    Looking forward to seeing if Chrome itself will be able to use WDAG (Horrible name btw) seeing as Edge is switching to Chromium.
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,176
    Location:
    USA
    Another article on the subject:
    https://betanews.com/2019/03/16/windows-defender-application-guard/
    I would think this would open Microsoft to lawsuits if it was used as an exploit to escape Edge and infect your system where your 3rd party browser may have been safer. There may be situations where Edge is the safer option, but nothing is an absolute.
     
  7. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    408
    Hehe, sounds like a load of carp to me. Nevertheless, it's incredibly unlikely that WDAG will be penetrated.
     
  8. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,176
    Location:
    USA
    That's what they said about <insert any previous technology here>.
     
  9. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    408
    To my knowledge, there has never been a 0-day in the wild for WDAG. 0-days for Chrome appear every once in a while, for comparison.
     
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    15,965
    Microsoft Brings Hardware-Based Isolation to Chrome, Firefox
    March 24, 2019
    https://www.securityweek.com/microsoft-brings-hardware-based-isolation-chrome-firefox
    Microsoft blog entry: New browser extensions for integrating Microsoft’s hardware-based isolation
     
  11. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    90
    Location:
    VPN city
    I'm confused. Aren't ALL windows metro apps run sandboxed in the app container already? I've racked my brain google'ing for a straight answer to this question, but I can't find any information about this that doesn't just repeat what I'm already aware of.

    I was under the impression that all versions of windows 10 ran all metro apps in the app container.

    Three big questions I need the answer to:

    1. Are microsoft edge and all other metro apps run sandboxed already in windows 10 home edition 64 bit?

    2. If not, how do I enable it?

    3. Once enabled, what do I do to clear the container?
     
  12. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    6,149
    Location:
    Europe then Asia
    From what I read, Application Guard is Appcontainer on steroids. More like an app-based "shadow defender"
     
  13. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    90
    Location:
    VPN city
    So...is that a "yes" or a "no" to my first question? For windows 10 home
     
  14. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    6,149
    Location:
    Europe then Asia
    Normally all metro apps are running into Appcontainer, you can check if it the case by running Process Explorer and enabling the "integrity level" column.
     
  15. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    6,149
    Location:
    Europe then Asia
    Application Guard is on pro or enterprise version. I downloaded the Edge/3rd party browser add-on but it seems to use the Defender Sandbox which Is known to have an internet connectivity issue,so Edge if App Guarded couldnt connect.
     
  16. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    90
    Location:
    VPN city
    Thankyou! Finally! A straight answer to the question I actually asked!
    You wouldn't believe how many articles I found on google that all had a title promising an answer to that question only to have the content of the article go on and on about what the app container does, instead of whether or not it's currently doing anything
     
  17. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    6,149
    Location:
    Europe then Asia
    If you check with Process Explorer, the column will show "appcontainer". I usually check any metro app I download, in case of.
    MS is known to change stuff or give app devs some "liberties".
    The original goal of Appcontainer was to implement a secure app model (aka limiting the apps to only the needed areas for it to function as intended) , all devs have to follow this model if they wanted to develop a metro app.
     
  18. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    90
    Location:
    VPN city
    Oh that's lame. They should only ever increase their standards of safety and security. They should never lower it by allowing devs to do something like that.

    Someone needs to make a utility that monitors metro apps to make sure they're running in the app container.
     
  19. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    6,149
    Location:
    Europe then Asia
    Process Explorer, the equivalent of Process Hacker. Anyway, most people won't care or even know about Appcontainer.. So...Sooner or later the app store will disappear, it was made to be used as cross-platform by phone using Windows Mobile. Since MS phones are dead, the app store has no real value.
     
  20. GrDukeMalden

    GrDukeMalden Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    90
    Location:
    VPN city
    There's still some games on there that aren't too bad. Although, the servers that hosted those games aren't online anymore as far as I'm aware.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.