Forum Discussion
Security baseline - edge
Hi pls exist list with security recommendation ? I know exist, Microsoft Security Compliance Toolkit, but our vendor want some URL from M$ where is information about NativeMessaging. We want set Allow user-level native messaging hosts (installed without admin permissions): Disabled, but nativecomponent from vendor not want create instaler to HKLM.... Thanx
Confirming that the link shared by HotCakeX (https://textslashplain.com/2020/09/04/web-to-app-communication-the-native-messaging-api/) is a blog by a Microsoft Edge Principal Program Manager (Eric Lawrence / Ericlaw). He often releases blogs to fill gaps in official documentation and is a trusted source for Microsoft information.
7 Replies
- Hi,
for each Edge stable version, security baselines are posted here:
https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines
here is for the latest V88
https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-edge-version-88/ba-p/2094443- Thank you.I look but there is not information about native messaging. I know i can download toolkit and look to this, but vendor want direct information in the Microsoft pages
Hi Marek_G,
there is also a security benchmark for Microsoft Edge published by CIS (Center for Internet Security).
Regarding the native messaging, this is a good read: https://textslashplain.com/2020/09/04/web-to-app-communication-the-native-messaging-api/
Maybe you also want check resources from Google since native messaging is a feature of chromium.
Best regards
Joe
