Mandatory Integrity Control with Microsoft Edge

Copper Contributor

Hi Team,

 

I was wondering if anyone from the development team can elaborate on the use of mandatory Integrity controls in Edge? With IE it was simple to understand that the main process would run at a medium mandatory Integrity level and tabs would use low Mandatory Integrity. When I open Edge and use Process explorer with integrity control view enabled I'm a bit confused. Even when Edge is not visible there are already 5 processes running (1 parent, 4 child), all running at various mandatory Integrity levels. What are these used for? Second, when I open a website in Edge, there are multiple child processes executed at various Integrity levels.... so I'm a bit confused on how this actually works and would like to understand how it ticks.

 

Is there like a explanation somewhere that does a deep dive in this behavior?

 

Thanks in advance!

4 Replies

@Michael_Waterman Hello!  I am not able to find any specific documentation regarding Mandatory Integrity Control but you mentioned seeing processes running when MS Edge is closed.  Do you have startup boost enabled?  You can check by visiting edge://settings/system

 

Kelly_Y_0-1655152680398.png

 

Startup boost keeps the browser running in the background with minimal processes when the browser is closed, which has a limited impact on device resource usage. Here is additional information about startup boost: Get help with startup boost (microsoft.com)  Thanks!

 

-Kelly

 

Hi @Kelly_Y ,

 

Thanks for pointing me to this functionality. Indeed the processes that I'm seeing are related to startup boost. Glad to have figured that out.

 

Now it would be great if there's anyone that could explain the m.i.c. functionality for Edge. I'm wondering if it's similar to the AppContainer model or just very different.

@Michael_Waterman Hi!  I will check with the team and see if there is any information available.  Thanks! 

 

-Kelly

Microsoft Edge is based upon Chromium.

Chromium (and thus Edge) uses a multi-process model where each process has a particular job (processing HTML/JavaScript, drawing on the screen, the top-level-browser, etc). This improves both security and reliability.

Beyond simply running code in a different processes, however, we can improve security by sandboxing each process as much as we can; this will discard capabilities that a process should not need for its job, and help ensure that if an attacker were able to build an exploit against the sandboxed code, that exploit would be stuck inside a sandbox/jail it cannot escape.

Setting restricted Windows Integrity Levels is only one mechanism the sandboxing code uses to protect the system-- various other lockdowns are applied as well. You can learn more about the design of the Chromium sandboxes here: https://chromium.googlesource.com/chromium/src/+/lkgr/docs/design/sandbox.md