Enterprise topics

Edge Dev Version 149.0.3984.0 (Official build) dev (64-bit) Update

NickB — Wed, 22 Apr 2026 10:02:13 GMT

Got this update on Edge Dev today, immediately thereafter its locked up my pc after it applied and i went to open a new tab (had to ctrl+alt+del and end task it)

its something specific here as edge stable and beta still work.

unsure what's changed or if others have the same issue?
diving into logs in just a sec...

BrowserCodeIntegritySetting vs. Memory integrity / HVCI

Johannes Goerlich — Wed, 08 Apr 2026 12:09:03 GMT

Hello all,

we have set BrowserCodeIntegritySetting to '2' (Enabled: Enable code integrity guard enforcement in the browser process.) This causes the browser to crash once a user tries to logon to Citrix terminal servers with EntraID/Fido2. This is probably cased by an unsigned Citrix CtxFidoMuxdll, but from our understanding this should be properly handled and the browser should not just crash.

While investigating the root cause, we found very few information about Code Integrity Guard. It seems it was shipped as part of Device Guard but nowadays is named Memory integrity or hypervisor-protected code integrity (HVCI) and independent from Device Guard. Is this understanding correct and can we expect that the feature name will be updated and a proper documentation will be added?

BR,

Joe

Edge Beta 147.0.3912.26: This policy is blocked, its value will be ignored.

Gunnar-Haslinger — Thu, 26 Mar 2026 20:08:50 GMT

Starting with Edge Beta 147.0.3912.26 as well as Edge Dev 148.0.3928.0 I'm facing the problem, that the so called "sensitive policies" (which need an MDM or AD-Joined Device) are blocked.

Error-Message in edge://policy/ shows up with: This policy is blocked, its value will be ignored.

Using Edge Stable 146.0.3856.84 works fine (on the same machine).

Issue is only related to the so called "sensitive policies" and ist clearly new with Edge Beta 147.0.3912.26 as well as Edge Dev 148.0.3928.0 ... I didn't change anything except updating Edge Beta and Edge Dev ... and as I said: Edge Stable still works fine on the same machine.

The Release Notes https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnote-beta-channel don't show any new changes regarding those "sensitive Policies".

So what happened? Did Microsoft break the Policies with those new Versions?

What is EdgeSafeHostingExtensionEnabled about?

Johannes Goerlich — Mon, 09 Mar 2026 14:10:45 GMT

Hello,

with v145 the EdgeSafeHostingExtensionEnabled policy was introduced. The description says, "Microsoft Edge Safe Hosting component extension is installed automatically when users visit supported Microsoft services, such as Microsoft 365 Copilot app."

Is this a regular browser extension? If so, what is the related Extension ID? How does this combine with other extension management policies?

Or is it a browser component, which should show up under edge://components? What would be its name?

What is the exact purpose of "Microsoft Edge Safe Hosting component" extension?

Thanks for any hints.

Joe

Question: Windows Enterprise / EDU Version - End of Life (EOL) Notification

TrooperDE — Wed, 18 Feb 2026 18:55:18 GMT

Hello Microsoft Community - Enterprise,

i have a general question about the Windows Enterprise / EDU Version and the End of Life (EOL) notification .

I have a general question about End of Life (EOL) and the notification process.

Could someone please explain and tell me exactly how is the notification process for Windows EOL in the Enterprise/EDU version?

My understanding is this: For the Windows Home version, the notification is given 30 days in advance, see below.
But what about the Enterprise/EDU version? Is it 36 months in advance?

For products and services governed by the Modern Lifecycle Policy, unless otherwise noted, Microsoft's policy is to provide a minimum 30 days' notification when customers are required to take action in order to avoid significant degradation to the normal use of the product or service.

I would appreciate your help.

My Work feed is missing on the Edge landig page with Beta 144.0.3719.18

Henno_Keers — Fri, 19 Dec 2025 08:52:28 GMT

Since introduction of Beta 144.0.3719.18 the Work / Discover is changed to Discover only on the landingpage. See below:

This means that the handy Microsoft 365 information are missing (Latest documents, Sharepoint sites and comming up events).
Stable version 143.0.3650.96 does not have this issue, next to MSN there is a toggle (Work Discover) to choose from.

More people seen this behaviour?

Regards,

Henno

Edge V143 has broken functionality in the Azure/intune admin consoles

rgrisi — Mon, 08 Dec 2025 20:18:51 GMT

Anyone else seeing this? It is not working in Edge or Chrome. The consoles work correctly in Firefox.

Extended channel not working for Edge 142

db1080 — Tue, 04 Nov 2025 15:14:26 GMT

We have been running the extended channel for a long time, and as far as I can tell, everything on our end looks to be configured correctly. But when checking for updates, Edge is saying that we're up-to-date with 140.0.3485.130. Clearly we should be getting updated to 142.0.3595.53.

Is anyone else using extended channel experiencing the same issue?

Is Edge Copilot susceptible to Prompt Injection Attack?

nhtkid — Mon, 03 Nov 2025 10:17:45 GMT

I am getting lots of negative vibe when reading about OpenAI's Altas browser.

But what about Edge browser?

Let's say if you have Copilot in Edge turned on with Page Content allowed.

You asked the Copilot to summerise the page you are browsing and the page has hidden text to initiate a prompt injection attack.

Is it safe to say that as long as Copilot does not have control over your browsing or desktop, the damage is limited.

The worst thing it could happen is the change of AI behaviour, meaning the response returned from your question may not be what you asked for.

There is zero DLP risk, right?

Stolen session token from Edge

nhtkid — Sun, 02 Nov 2025 09:15:02 GMT

We can steal the session token from Edge using tools like Burp Suite or Fiddler to intercept proxy traffic on the mobile phone, even when the Edge is MAM protected by Intune.

This makes the Edge browser unsafe to use for Enterprise Applications on personal mobile.

Recently I discovered that the Entra Token Protection feature in Conditional Access Policy.

However it is only available for Windows.

I am wondering if anyone knows when it would become available for mobile on Entra roadmap.

Also, if you know any Edge configuration, I could use to stop Token Theft, please let me know!

Thank you everyone.

Camera and Mic Site Permissions

NickB — Mon, 27 Oct 2025 12:15:46 GMT

edge settings/privacy/sitePermissions/allPermissions/camera
edge settings/privacy/sitePermissions/allPermissions/microphone

I was looking to add some sites / urls to automatically permit access to both camera and mic to stop the age old i said no and now cant use service x type service calls from coming in.

i added these 2 policies to the admin template

Sites that can access audio capture devices without requesting permission
Sites that can access video capture devices without requesting permission

both succeed in delivery to the device but don't appear in the edge site permission list as expected

have i got the wrong policy? is it broke?

Go Links on Edge Mobile

nhtkid — Sat, 25 Oct 2025 22:11:44 GMT

Dear community members,

We use Intune managed computer and Zscaler that delivers DNS Search Domain.

When user type a https://go/links in Edge browser, it automatically appends the FQDN to the address bar to become https://go.mycompanydomain.com/links.

It is a quite common practice for Enterprise to provide convenience to access internal shortened URLs.

With Intune managed mobile (also has Zscaler), can we achieve the same goal for Edge mobile?

For the mobile use case, it is less of typing the go links directly in the browser.

Because there are a lot of go links shared in Email and Chats from communications and newsletters, when user click them in Outlook or Teams on the phone, it will open in Edge.

I am hoping when Edge opens these links, it automatically appends the search domain like on computers.

I have looked up all Intune device and Edge documentation, chatted with three different LLMs, couldn't figure out a solution.

All ideas are welcome! Thanks.

Best regards,

Chrome extension managed storage policy

alizarei95 — Tue, 09 Sep 2025 14:41:53 GMT

Hi there,

I've developed a chrome extension and now we want to deploy it using Intune. Force install of extension works great but I can't pass managed data to the extension.

Here is the scheme:

{ "type": "object", "properties": { "apiKey": { "title": "API Key", "description": "An API key to communicate with server.", "type": "string" } } }

This is the policy that I created in Intune:

OMA-URI:

./Device/Vendor/MSFT/Policy/Config/Chrome~Policy~googlechrome~3rdparty~extensions~eagefwefpbjpewefliifpgfgoewfknnmk~policy

Data type:

String

Value:

{"apiKey":"mykey123"}

But it doesn't appear in chrome://policy and when I get policies in my code with:

const result = await chrome.storage.managed.get(null);

The result is empty!

What is the problem here? And how to fix it?

Edge Dev/Canary enterprise extension sync broken?

lexcyn — Mon, 11 Aug 2025 22:24:56 GMT

I noticed on my test system that setting up a new profile in Dev/Canary sync doesn't work correctly - specifically, extensions do not install properly. In my stable channel build everything is working, however when it attempts to sync to Dev/Canary only the "forced" extension I have enabled via policy shows/works, where as the others are not in the extension list, but are present in the AppData user data folder. I've attempted to reset sync and have everything get pulled down again, but the issue persists. I've tried clearing out the profile and re-installing Dev/Canary to see if having it force re-sync would help, but it does not.

TLDR - syncing extensions to dev/canary with enterprise sync breaks any extension that is not 'forced' to install via policy

Edge Dev > Enterprise State Roaming / Sync Broke

NickB — Fri, 01 Aug 2025 13:07:43 GMT

I noted in Edge DEV my profile stopped syncing even though its set by policy to be on

the journey took me to
edge://settings/profiles/sync
where turn on sync is presented - so i turn it on

a confirm and cancel button appear as well as the expected other areas (but showing as off by policy???)
hitting confirm just makes confirm and cancel disappear with no changes

these are not new? what gives or is changing? is sync just broke in dev for now?
Edge Beta and Stable are not impacted.

Starting Edge as a process immediately fires exited event

NamelessProgrammer2 — Tue, 15 Jul 2025 15:34:44 GMT

Hi!
Recently I have encountered a rather annoying bug on Windows 11 IoT LTSC where I launch an edge as a process from my .net 9.0 C# code. I need to track Edge and if it exits for some reason I have to relaunch it. I'm tracking whether it has exited by subscribing to the Process.Exited event, but on the beforementioned operating system this event immediately fires even though the Edge itself visibly does not close and stays functional without any problem. This results in infinite edge processes getting launched, since every new instance also exits. Interestingly this issue does not occur when tested with other browsers nor it occurs on Windows 11 Pro, everything works completely fine in these two scenarios. I'm guessing IoT version has some kind of different power plan to reduce battery drainage and CPU usage if possible. My other assumption is that the msedge.exe available with default windows is just a parent process on the IoT version, and it just starts the actual processes needed to present the content of my web app.
It'd be great if you could check this and come back to me.

Thank you!

Kind regards,
Gallusz.

Manifest V2/V3 timeline update?

lexcyn — Thu, 05 Jun 2025 13:44:51 GMT

Google/Chromium announced at the end of March that MV2 would be completely removed from Chrome in v139, meaning that v138 will be the last version that can run MV2 extensions even using the policy override. Since v139 is expected sometime in July, that time is coming up fast!

In Microsoft's timeline, it is stated:

Manifest V2 extensions will continue to be supported through Enterprise policies at least until the date in the Chromium Manifest V2 support timeline.

Since Google will be removing it as of v139, can we expect the same for Edge? Just trying to plan out notification to some groups who use custom extensions (ie: from vendors or internally created) that they will see the older extensions be removed/disabled.

Thank you!

InsecurePrivateNetworkRequestsAllowed

lexcyn — Tue, 03 Jun 2025 15:10:51 GMT

In Dev version 138.0.3338.1 I noticed the following policies are showing as "error/not found" and was wondering if these policies are scheduled to be depreciated:

InsecurePrivateNetworkRequestsAllowed
InsecurePrivateNetworkRequestsAllowedForUrls

These policies are still functional on stable 137.0.3296.58.

Thanks!

Microsoft Editor does not work

lexcyn — Mon, 05 May 2025 19:46:11 GMT

As the title states, if you have the Microsoft Editor enabled in Edge (this appears to be any version from Stable to even Canary), no spell or grammar check will work at all. If you enable the standard editor, you will get at least spell check back.

This screenshot is with the MS Editor enabled - it seems to know what is spelled incorrectly but gives you zero suggestions.

And here is the standard spell check working as it should.

Testing in Edge stable 136.0.3240.50 + Dev 137.0.3282.1

OrgBrandingCustomName no longer working in Dev/Canary

lexcyn — Fri, 04 Apr 2025 18:07:22 GMT

The latest Dev/Canary builds have moved the profile icon from the top left back to the address bar near the extension/plugin list. We have the OrgBrandingCustomName cloud policy enabled which no longer works due to this change. Is this expected behavior?

Current stable channel behavior:

New Dev/Canary behavior: