Microsoft Edge no longer allows unsigned DLL injection

Posted on Wednesday, November 18 2015 @ 13:23 CET by Thomas De Maesschalck
Microsoft logo
Microsoft is taking a harder stance against code injection by preventing software from hooking unsigned DLLS directly into the Edge process without user consent. As The Tech Report notes, this will make it harder for malware to nestle into Edge and it will also prevent toolbars from hooking themselves to Edge without as much as a security prompt or installation request:
Microsoft seems to be taking the security of its Edge browser seriously. Last May, the company announced Edge would drop support for the much hated ActiveX and Browser Helper Objects. This time around, the company is taking a hard stance against code injection.

Until recently, users could be affected by certain strains of malware which would hook unsigned DLLs directly into the Edge process without consent. One of the most "popular" outcomes was the installation of cutesy toolbars, without as much as a security prompt or installation request. That sort of easy injection is all over with the latest version of Edge, though.




Loading Comments