Microsoft seems to be taking the security of its Edge browser seriously. Last May, the company announced Edge would drop support for the much hated ActiveX and Browser Helper Objects. This time around, the company is taking a hard stance against code injection.
Until recently, users could be affected by certain strains of malware which would hook unsigned DLLs directly into the Edge process without consent. One of the most "popular" outcomes was the installation of cutesy toolbars, without as much as a security prompt or installation request. That sort of easy injection is all over with the latest version of Edge, though.
Microsoft Edge no longer allows unsigned DLL injection
Posted on Wednesday, November 18 2015 @ 13:23 CET by Thomas De Maesschalck