Microsoft Security Baselines Blog
Security Review for Microsoft Edge version 134

Rick_Munck
Mar 17, 2025

We are pleased to announce the security review for Microsoft Edge version 134.

We have reviewed the new settings in Microsoft Edge version 134 and determined that there are no additional security settings that require enforcement. The Microsoft Edge version 128 security baseline continues to be our recommended configuration, and it can be downloaded from the Microsoft Security Compliance Toolkit.

 

Microsoft Edge version 134 introduced 12 new Computer and User settings, and we have included a spreadsheet listing the new settings to make them easier for you to find.

 

There are, however, two settings we would like to highlight:

 

Configure Edge Scareware Blocker Protection

This is an important new feature for combatting the most prevalent social-engineering attacks on the web. While we are not ready to enforce this setting yet, organizations should consider its impact and determine if it is right for their environments. In a future baseline, this will be set to a value of Enabled. Additional details can be found here.

 

JavaScript optimization settings

These V8 JavaScript engine policies (located under Microsoft Edge\Content settings) control whether Edge will perform JIT compilation of JavaScript code on websites. Disabling JIT compilation improves security against many memory-safety vulnerabilities but can slow website performance on script-heavy sites.

These policies control only JavaScript compilation and do not impact WebAssembly (WASM) compilation, which remains enabled by default unless Edge’s Enhanced Security Mode (ESM) is in use.

Disabling the optimizer disables the two JIT optimizing compilers (Maglev and TurboFan), but WASM can continue to use its JIT compiler (Liftoff). Disabling these two compilers significantly reduces the browser’s attack surface.

These policies are in addition to the existing ESM policies. If the enterprise has set the ESM policies, the ESM policy takes precedence over V8 optimizer disablement.
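
To see which of these policies are configured on an endpoint, the following added example (not part of the original post or of the baseline package) reads the Edge policy registry keys for both scopes and reports the optimizer and ESM values side by side. The registry value names and numeric meanings are assumptions taken from Microsoft's Edge policy reference rather than from this post; confirm them against that reference before relying on the output.

```powershell
# Added example: report Edge JIT-related policy values configured on this machine.
# Assumptions (not from the post): the registry value names and numeric meanings below.
$roots = [ordered]@{
    Computer = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'
    User     = 'HKCU:\SOFTWARE\Policies\Microsoft\Edge'
}
$optimizerText = @{ 1 = 'JS optimizers allowed'; 2 = 'JS optimizers disabled' }
$esmText       = @{ 0 = 'Standard'; 1 = 'Balanced'; 2 = 'Strict' }

function Get-PolicyDword {
    param([string]$Root, [string]$Name)
    # $null means the policy is not configured in this scope.
    if (-not (Test-Path -Path $Root)) { return $null }
    (Get-ItemProperty -Path $Root -Name $Name -ErrorAction SilentlyContinue).$Name
}

function Get-PolicyList {
    param([string]$Root, [string]$Name)
    # List policies are stored as a subkey whose values hold one entry each.
    $key = Join-Path -Path $Root -ChildPath $Name
    if (-not (Test-Path -Path $key)) { return @() }
    $item = Get-Item -Path $key
    @($item.GetValueNames() | ForEach-Object { $item.GetValue($_) })
}

function ConvertTo-Label {
    param($Value, [hashtable]$Map)
    if ($null -eq $Value) { return 'not configured' }
    if ($Map.ContainsKey([int]$Value)) { return "$Value ($($Map[[int]$Value]))" }
    "$Value (unrecognized value)"
}

foreach ($scope in $roots.Keys) {
    $root = $roots[$scope]
    $opt  = Get-PolicyDword -Root $root -Name 'DefaultJavaScriptOptimizerSetting'
    $esm  = Get-PolicyDword -Root $root -Name 'EnhanceSecurityMode'
    # Per the post: when the ESM policy is set, it takes precedence over the optimizer policy.
    if ($null -ne $esm) { $governs = 'ESM policy' }
    elseif ($null -ne $opt) { $governs = 'V8 optimizer policy' }
    else { $governs = 'browser default' }
    [pscustomobject]@{
        Scope             = $scope
        OptimizerPolicy   = ConvertTo-Label $opt $optimizerText
        OptimizerAllowFor = (Get-PolicyList $root 'JavaScriptOptimizerAllowedForSites') -join ', '
        OptimizerBlockFor = (Get-PolicyList $root 'JavaScriptOptimizerBlockedForSites') -join ', '
        EsmPolicy         = ConvertTo-Label $esm $esmText
        Governs           = $governs
    }
}
```

The script only reads policy keys, so it can run without elevation; it reports what is configured per scope, not what a given browser profile ends up applying.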

 

As a friendly reminder, all available settings for Microsoft Edge are documented here, and all available settings for Microsoft Edge Update are documented here.

 

Please continue to give us feedback through the Security Baselines Discussion site or this post.

 

Updated Mar 17, 2025
Version 1.0

2 Comments

  • Casey_S
    Copper Contributor

    From the settings way back in v128, blocking Dynamic Code Setting breaks printing to Active Directory network printers; the print preview of the document hangs.

  • Rafal_Fitt
    Iron Contributor

    "JavaScript optimization settings"
    what are the actual recommended settings?

    "Control use of JavaScript optimizers" => "Disable advanced JavaScript optimizations on all sites"
    right?

    but these JIT settings are NOT working when you are signed in to your Edge with MS accounts

    "Starting in Microsoft Edge version 116, certain policies will not be applied to a profile that is signed in with a Microsoft account."
    "Applies to a profile that is signed in with a Microsoft account: No"

    https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-policies