SOLVED

Security baseline - edge


Hi, please, is there a list of security recommendations? I know the Microsoft Security Compliance Toolkit exists, but our vendor wants a URL from M$ with information about NativeMessaging. We want to set "Allow user-level native messaging hosts (installed without admin permissions)": Disabled, but the vendor of the native component does not want to create an installer that writes to HKLM.... Thanks

7 Replies

 

Thank you.
I looked, but there is no information about native messaging. I know I can download the toolkit and look at it, but the vendor wants direct information on the Microsoft pages.

 

Hi @Marek_G,

there is also a security benchmark for Microsoft Edge published by CIS (Center for Internet Security).

 

Regarding the native messaging, this is a good read: https://textslashplain.com/2020/09/04/web-to-app-communication-the-native-messaging-api/

Maybe you also want to check resources from Google, since native messaging is a feature of Chromium.

 

Best regards

Joe

Yeah, that is the official website of a Microsoft employee working on Edge,
"ericlaw"

 

https://anthonyhaakit.wordpress.com/2020/01/21/recommended-enterprise-gpos-for-microsoft-edge-chromi...

I sent this link to the vendor. But the vendor's answer? "I do not know these sites and I need to see specific and relevant information from a credible source"

I only want to disable user-level native messaging......

Thanks all for the answers

 

@Johannes Goerlich 

best response confirmed by Marek_G (Occasional Contributor)
Solution

Confirming that the link shared by @HotCakeX (https://textslashplain.com/2020/09/04/web-to-app-communication-the-native-messaging-api/) is a blog by a Microsoft Edge Principal Program Manager (Eric Lawrence / Ericlaw). He often releases blogs to fill gaps in official documentation and is a trusted source for Microsoft information.
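
For administrators weighing the policy discussed in this thread, the following read-only PowerShell audit is an added example, not something posted by any participant. It reports whether "Allow user-level native messaging hosts" (`NativeMessagingUserLevelHosts`) is disabled and lists which registered hosts are machine-level (HKLM) and which are user-level (HKCU), so you can see which components would stop working. It assumes the policy is set in the machine policy key and checks only Edge's own host registration keys.

```powershell
# Added example: report the Edge policy state and list registered native messaging hosts.
$policyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'
$policyName = 'NativeMessagingUserLevelHosts'
$policy = Get-ItemProperty -Path $policyKey -Name $policyName -ErrorAction SilentlyContinue
# 0 = Disabled (HKCU hosts ignored); 1 or not configured = user-level hosts allowed.
$userHostsAllowed = -not ($policy -and $policy.$policyName -eq 0)

$roots = [ordered]@{
    'HKLM:\SOFTWARE\Microsoft\Edge\NativeMessagingHosts'             = 'Machine'
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts' = 'Machine'
    'HKCU:\Software\Microsoft\Edge\NativeMessagingHosts'             = 'User'
}

$report = foreach ($root in $roots.Keys) {
    if (-not (Test-Path -Path $root)) { continue }
    foreach ($key in Get-ChildItem -Path $root) {
        $manifestPath = $key.GetValue('')   # default value = path to the host manifest
        $manifest = $null
        if ($manifestPath -and (Test-Path -LiteralPath $manifestPath)) {
            try {
                $manifest = Get-Content -LiteralPath $manifestPath -Raw -ErrorAction Stop |
                    ConvertFrom-Json
            }
            catch { }   # unreadable or malformed manifest: keep the row, leave fields empty
        }
        [pscustomobject]@{
            Scope          = $roots[$root]
            Host           = $key.PSChildName
            Manifest       = $manifestPath
            Binary         = $manifest.path              # may be relative to the manifest
            AllowedOrigins = $manifest.allowed_origins -join ', '
            UsableByEdge   = ($roots[$root] -eq 'Machine') -or $userHostsAllowed
        }
    }
}

"User-level native messaging hosts allowed: $userHostsAllowed"
$report | Sort-Object Scope, Host | Format-Table -AutoSize -Wrap
```

Run it in the affected user's session, since the HKCU entries are per user; rows with `Scope` of `User` are the ones the Disabled setting turns off.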