Forum Widgets
Latest Discussions
Edge >=150 blocks ALL extensions on *.cloud.microsoft (regression from 149) - no policy override
Starting with Edge 150, a hardcoded extension blocklist applies to *.cloud.microsoft (M365 Copilot and Microsoft 365 app surfaces). Extensions no longer run on these pages. This is a regression - on Edge 149 and earlier it worked fine on the same pages. The block affects all extensions, not a specific category, and it is not overridable via ExtensionSettings (runtime_allowed_hosts), ExtensionInstallForcelist, or any other policy we have tested. It hits both regular user-installed extensions and admin-approved, force-installed extensions on managed devices - so admins have no way to re-enable trusted extensions on these surfaces either. Confirmed breakage so far: - Password managers - verified with Bitwarden (users end up copy/pasting credentials out of the manager on Copilot pages, a real security regression) - Corporate training / user-adoption extensions - Accessibility extensions relied on by employees Ask to the Edge team: restore the pre-150 behavior, or ship an override so extensions can run on *.cloud.microsoft pages (for example, honor runtime_allowed_hosts / the force-install list on these surfaces). If this is by design, please document it clearly so users and admins stop chasing a config that cannot work. Environment: Edge Stable >=150 (works on 149 and earlier), Windows, both unmanaged and MDM-managed (Intune/GPO). Reproducible on a clean profile with a single extension. Are other users / admins / extension vendors seeing the same thing after updating to 150? Please add your affected extension below so Microsoft can gauge the blast radius.AdèleJul 13, 2026Copper Contributor324Views1like3CommentsEdge Beta 147.0.3912.26: This policy is blocked, its value will be ignored.
Starting with Edge Beta 147.0.3912.26 as well as Edge Dev 148.0.3928.0 I'm facing the problem, that the so called "sensitive policies" (which need an MDM or AD-Joined Device) are blocked. Error-Message in edge://policy/ shows up with: This policy is blocked, its value will be ignored. Using Edge Stable 146.0.3856.84 works fine (on the same machine). Issue is only related to the so called "sensitive policies" and ist clearly new with Edge Beta 147.0.3912.26 as well as Edge Dev 148.0.3928.0 ... I didn't change anything except updating Edge Beta and Edge Dev ... and as I said: Edge Stable still works fine on the same machine. The Release Notes https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnote-beta-channel don't show any new changes regarding those "sensitive Policies". So what happened? Did Microsoft break the Policies with those new Versions?SolvedGunnar-HaslingerApr 29, 2026Steel Contributor463Views0likes9CommentsEdge Dev Version 149.0.3984.0 (Official build) dev (64-bit) Update
Got this update on Edge Dev today, immediately thereafter its locked up my pc after it applied and i went to open a new tab (had to ctrl+alt+del and end task it) its something specific here as edge stable and beta still work. unsure what's changed or if others have the same issue? diving into logs in just a sec...BrowserCodeIntegritySetting vs. Memory integrity / HVCI
Hello all, we have set BrowserCodeIntegritySetting to '2' (Enabled: Enable code integrity guard enforcement in the browser process.) This causes the browser to crash once a user tries to logon to Citrix terminal servers with EntraID/Fido2. This is probably cased by an unsigned Citrix CtxFidoMuxdll, but from our understanding this should be properly handled and the browser should not just crash. While investigating the root cause, we found very few information about Code Integrity Guard. It seems it was shipped as part of Device Guard but nowadays is named Memory integrity or hypervisor-protected code integrity (HVCI) and independent from Device Guard. Is this understanding correct and can we expect that the feature name will be updated and a proper documentation will be added? BR, JoeJohannes GoerlichApr 09, 2026Iron Contributor100Views0likes1CommentThere needs to be a policy to enable Edge Secure Network
As soon a single policy is set for Microsoft Edge, either through group policy or registry, the Edge Secure Network becomes unavailable. There needs to be a policy to enable it again. Using a registry key or local policy to control Edge doesn't mean it's controlled by an organization or personal Microsoft accounts are not used.2.9KViews3likes5CommentsEdge Sync w/ MS 365 Basic and Business Standard
Hi, I noticed that some of my customers with MS 365 Basic and Business Standard plans can sync their MS Edge information, while others can't. Based in this article, sync only works with plans that include Azure AD Premium P1 and P2, Microsoft 365 Business Premium, and EDU. https://docs.microsoft.com/en-us/deployedge/microsoft-edge-enterprise-sync Could it be that MS is starting to expand to smaller plans? Is there an article with details about this? Thanks...Daniel VelezMar 16, 2026Brass Contributor38KViews5likes93CommentsWhat is EdgeSafeHostingExtensionEnabled about?
Hello, with v145 the EdgeSafeHostingExtensionEnabled policy was introduced. The description says, "Microsoft Edge Safe Hosting component extension is installed automatically when users visit supported Microsoft services, such as Microsoft 365 Copilot app." Is this a regular browser extension? If so, what is the related Extension ID? How does this combine with other extension management policies? Or is it a browser component, which should show up under edge://components? What would be its name? What is the exact purpose of "Microsoft Edge Safe Hosting component" extension? Thanks for any hints. BR JoeJohannes GoerlichMar 11, 2026Iron Contributor358Views1like2Comments
Tags
- edge52 Topics
- IE mode13 Topics
- enterprise13 Topics
- Group Policy11 Topics
- policy11 Topics
- BUG11 Topics
- gpo10 Topics
- Edge Chromium10 Topics
- intune7 Topics
- dev7 Topics