Forum Discussion
Deleted
Apr 10, 2020Maximum Anti-Exploit hardening for new Edge
I would like to hear your Anti-Exploit settings for new Chromium-Edge.
From MalwareTips.com forum i got the following:
(* will break Chrome or extensions)
ACG (off)*
BLII (on)
BRI (on)
BUF (on)
CIG (on) - also allow loading of images signed by Microsoft Store
CFG (on) - Strict (Off)*
DEP (on) - ATL (on)
Dep (on)
Win32k (off)*
Child Process (off)
EAF (off)*
Mandatory ASLR (on) - Stripped (on)
IAF (off)*
BottomUp ASLR (on)
SimExec (off)*
CallerCheck (off)*
SEHOP (on)
VHU (on)
VHI (on)
VIDI (on)
StackPivot (off)
Edit: Also someone say the settings are needed for "MicrosoftEdgeCP.exe" too.
- Reza_Ameri-ArchivedBronze ContributorThe default one is recommended for Microsoft Edge, if you made any changes and it cause crashing, make sure report it through Feedback form.
- DeletedThat's not what i asked here, but you're of course right.
I'm also disappointing that - after now one week, nobody else answer here.- Reza_Ameri-ArchivedBronze ContributorThe general formula is to have them all on , so it protects you against all exploits . However due to lack of compatibility or other issues, if you enable them, they might crash the application. So set the values which you just posted and try it out and turn on others one by one and see if there is any issue or they perform as expected?