{"id":89453,"date":"2019-05-23T08:50:07","date_gmt":"2019-05-23T15:50:07","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/?p=89453"},"modified":"2023-05-15T23:06:59","modified_gmt":"2023-05-16T06:06:59","slug":"new-browser-extensions-for-integrating-microsofts-hardware-based-isolation","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/23\/new-browser-extensions-for-integrating-microsofts-hardware-based-isolation\/","title":{"rendered":"New browser extensions for integrating Microsoft\u2019s hardware-based isolation"},"content":{"rendered":"
The hardware-based isolation technology on Windows 10 that allows Microsoft Edge to isolate browser-based attacks is now available as a browser extension for Google Chrome and Mozilla Firefox.<\/p>\n
We introduced the container technology<\/a> in 2017. Since then, we have been evolving the technology and engaging with customers to understand how hardware-based isolation can best help solve their security concerns. We know that many of our customers depend on multi-browser environments to allow enterprise apps to meet various compatibility requirements and enable productivity. And while modern browsers are continuously working to mitigate vulnerabilities, there are still exposures across these complex engines that can lead to irreversible and costly damages.<\/p>\n <\/p>\n To provide customers with a comprehensive solution to isolate potential browser-based attacks, we have designed and developed Windows Defender Application Guard extensions, now generally available, to allow customers to integrate hardware-based isolation with Google Chrome and Mozilla Firefox.<\/p>\n <\/p>\n The extensions for Google Chrome and Mozilla Firefox automatically redirect untrusted navigations to Windows Defender Application Guard for Microsoft Edge. The extension relies on a native application that we\u2019ve built to support the communication between the browser and the device\u2019s Application Guard settings<\/a>.<\/p>\n When users navigate to a site, the extension checks the URL against a list of enterprise sites defined by enterprise administrators. If the site is determined to be untrusted, the user is redirected to an isolated Microsoft Edge session. In the isolated Microsoft Edge session, the user can freely navigate to any site that has not been explicitly defined as enterprise-trusted by their organization without any risk to the rest of system. With our upcoming dynamic switching capability, if the user tries to go to an enterprise site while in an isolated Microsoft Edge session, the user is taken back to the default browser.<\/p>\n To configure the Application Guard extension under managed mode, enterprise administrators can follow these recommended steps:<\/p>\n We designed the user interface to be transparent to users about Windows Defender Application Guard being installed on their devices and what it does. We want to ensure that users are fully aware that their untrusted navigations will be isolated and why.<\/p>\n <\/p>\n Hardware-based isolation is one of the innovations that enhance platform security on Windows 10. It is a critical component of the attack surface reduction capabilities<\/a> in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP<\/a>) and the broader unified security in Microsoft Threat Protection<\/a>. With the new Application Guard extension for Google Chrome and Mozilla Firefox, customers can extend the security benefits of isolation in their environments and further reduce attack surface. Customers can confidently navigate the expansive internet with protection for enterprise and personal data.<\/p>\n The Windows Defender Application Guard extensions for Google Chrome and Mozilla Firefox are now available for Windows 10 Professional, Enterprise, and Education SKUs, version 1803 and later with latest updates.<\/p>\n <\/p>\n Rona Song<\/em><\/strong> <\/p>\n <\/p>\n Questions, concerns, or insights on this story? Join discussions at the\u00a0Microsoft Defender ATP community<\/a>.<\/p>\nHow it works<\/h3>\n
\n
Intuitive user experience<\/h3>\n
\n
Commitment to keep enterprise users and data safe<\/h3>\n
\nWindows platform security team<\/em><\/p>\n
\nTalk to us<\/h3>\n