Wednesday , 20 June 2018
Home >> W >> Windows >> How Microsoft Edge’s hidden WDAG browser lets you surf the web securely

How Microsoft Edge’s hidden WDAG browser lets you surf the web securely

Occasionally, for whatever reason, we browse parts of the web we know could be dangerous, where malicious pop-ups, ransomware or other malware could infect our PCs. While no solution is totally safe, Microsoft now has a free, specialized version of its Edge browser specifically designed to protect you online: Windows Device Application Guard, or WDAG.

WDAG was originally developed for Windows 10 Enterprise, protecting companies with billions of dollars at stake. Now that same protection has migrated to Windows 10 Pro—sorry, Windows 10 Home users—as an optional feature that you can turn on within Windows, for free. It debuted on Windows 10 Pro as part of the April 2018 Update

You may have heard that Google Chrome works by “sandboxing” your browser, isolating the browser renderer and protecting Windows, other PCs on the network, and other devices from malware. WDAG takes sandboxing a bit further, using your PC’s capability for virtualization to protect against malware escaping from the browser. Essentially, Windows is creating a small “virtual” OS and browser for every untrusted browser session (and not every tab), and isolating it from the rest of your PC. Even if malware manages to crash the browser, the idea is that the rest of your PC will remain untouched.

Is browsing with Chrome safer than browsing in an Edge WDAG tab? As you might expect, that’s not an easily answered question. While security experts seem to think highly of WDAG’s sandbox implementation, WDAG does come with some limitations, which we’ll discuss further.

Microsoft Edge (apparently without WDAG enabled) was hacked several times in the Pwn2Own 2017 hacking competition, while Chrome remained untouched. Edge was also hacked in the March 2018 competition. But the bottom line seems to be that Chrome has existed for years, and has built up its defenses over time—including a new site isolation capability that helps better isolate one tab from another. Edge WDAG doesn’t yet seem to have built up that same history of comprehensive third-party testing. 

Right now, it’s safe to say that browsing with Chrome and a coterie of security plugins is more convenient, though.

WDAG—a true hidden feature of Windows

Normally, when we review the semi-annual feature updates for Windows 10, we include a “best hidden features” companion article—a sort of junior-varsity list of features that hide deep within the OS. WDAG was significant enough to make our review, but it certainly qualifies as hidden. You’ll need to dig down and toggle it on, then reboot.

WDAG requires two elements to work: Windows 10 Pro (updated to the April 2018 Update) as well as a 64-bit, Hyper-V capable processor. Generally speaking, most sixth-, seventh- and eight-generation Intel Core chips will include this capability, and many AMD64 chips will as well. Don’t worry too much about researching this information, however—if your PC supports both of these, the WDAG toggle will appear.

==[ Click Here 1X ] [ Close ]==