Microsoft Edge 108 addresses a total of 25 security vulnerabilities, including CVE-2022-4262. This vulnerability was initially disclosed by the Chromium team and is reported to have an active exploit in the wild. This makes it all the more important to upgrade to Edge version 108 at the earliest using the given guide below.
Edge 108 Release Summary
Complete Release Build: 108.0.1462.42Release Date: Monday, December 5th, 2022Compatibility: Windows 11, 10, 8.1, 7 (32-bit and 64-bit), Mac, Linux, iOS, and Android.Previous Build: Edge 107Bug Fixes: 25. More information about security fixes can be found here.
New in Microsoft Edge 108
In Edge 108, 25 security vulnerabilities have been addressed. Moreover, it also includes 2 new policies, 2 new features, and 1 policy that has become obsolete. Moreover, other new features have also been introduced.
New Features
Graph APIs for Cloud Site List Management:New Graph APIs allow IT admins in organizations to create, manage, and publish their site lists for IE mode in the cloud.More reliable web defense:Users can now browse the web with more reliable protection thanks to the rewritten Microsoft Defender SmartScreen library for Microsoft Edge on Windows, Mac, and Linux.The new SmartScreen library was first made available on Windows and Mac and now makes its debut on Linux with Microsoft Edge version 108.Microsoft Edge version 108 also brings new product optimizations with better proxy handling and bug fixes by having the SmartScreen library leverage Microsoft Edge’s built-in network stack.General Improvements:Added a toggle to open this page in Compatibility View to the Add Page prompt for Internet Explorer Mode pages.Added open in new tab button to sidebar games.WebView2:Added support for file upload in UWPAdded IDL validator tool.Improved reliability.Fixes:Fixed autofill account selection menu not entering credentials.Fixed browser crash on autofill dialogs when navigating to the cross button with the arrow keys or pressing the Tab or Shift + Delete keys when the focus is on the cross button.Fixed browser crash when using Find Pages in the PDF browser.Fixed a sidebar issue that caused the browser to crash.Fixed browser crash when checking out a profile in a workspace.Fixed a crash related to the sidebar.Fixed a browser crash related to HDR video.Fixed a crash when navigating to certain websites.Fixed browser crash when clicking the performance button after closing the child mode window.Fixed browser crash when entering or exiting full screen.Fixed a crash related to recommended updates.Fixed a browser crash related to supporting the home button.Fixed a crash when interacting with visual search results.
New Policies
The following list of policies has been introduced with Edge 108: New Graph APIs allow IT admins in organizations to create, manage, and publish their site lists for IE mode in the cloud. Users can now browse the web with more reliable protection thanks to the rewritten Microsoft Defender SmartScreen library for Microsoft Edge on Windows, Mac, and Linux. The new SmartScreen library was first made available on Windows and Mac and now makes its debut on Linux with Microsoft Edge version 108. Microsoft Edge version 108 also brings new product optimizations with better proxy handling and bug fixes by having the SmartScreen library leverage Microsoft Edge’s built-in network stack.
Added a toggle to open this page in Compatibility View to the Add Page prompt for Internet Explorer Mode pages.Added open in new tab button to sidebar games.
Added support for file upload in UWPAdded IDL validator tool.Improved reliability.
Fixed autofill account selection menu not entering credentials.Fixed browser crash on autofill dialogs when navigating to the cross button with the arrow keys or pressing the Tab or Shift + Delete keys when the focus is on the cross button.Fixed browser crash when using Find Pages in the PDF browser.Fixed a sidebar issue that caused the browser to crash.Fixed browser crash when checking out a profile in a workspace.Fixed a crash related to the sidebar.Fixed a browser crash related to HDR video.Fixed a crash when navigating to certain websites.Fixed browser crash when clicking the performance button after closing the child mode window.Fixed browser crash when entering or exiting full screen.Fixed a crash related to recommended updates.Fixed a browser crash related to supporting the home button.Fixed a crash when interacting with visual search results.
EncryptedClientHelloEnabledDescription: Encrypted ClientHello (ECH) is an extension to TLS that encrypts the sensitive fields of ClientHello to improve privacy.If ECH is enabled, Microsoft Edge might or might not use ECH depending on server support, the availability of the HTTPS DNS record, or the rollout status.If you enable or do not configure this policy, Microsoft Edge will follow the default rollout process for ECH. However, if this policy is disabled, Microsoft Edge will not enable ECH.Because ECH is an evolving protocol, Microsoft Edge’s implementation is subject to change. As such, this policy is a temporary measure to control the initial experimental implementation. It will be replaced with final controls as the protocol finalizes.Location:Computer Coniguration » Administrative Templates » Windows Components » Microsoft EdgeNewTabPageAppLauncherEnabledDescription: By default, the App Launcher is shown every time a user opens a new tab page.If you enable or don’t configure this policy, there is no change on the Microsoft Edge new tab page and App Launcher is there for users. However, if you disable this policy, App Launcher doesn’t appear and users won’t be able to launch M365 apps from Microsoft Edge’s new tab page via the App Launcher.Location:Computer Coniguration » Administrative Templates » Windows Components » Microsoft Edge
Obsolete Policies
1 policy has also become obsolete with Edge 108: Description: Encrypted ClientHello (ECH) is an extension to TLS that encrypts the sensitive fields of ClientHello to improve privacy. If ECH is enabled, Microsoft Edge might or might not use ECH depending on server support, the availability of the HTTPS DNS record, or the rollout status. If you enable or do not configure this policy, Microsoft Edge will follow the default rollout process for ECH. However, if this policy is disabled, Microsoft Edge will not enable ECH. Because ECH is an evolving protocol, Microsoft Edge’s implementation is subject to change. As such, this policy is a temporary measure to control the initial experimental implementation. It will be replaced with final controls as the protocol finalizes. Location: Description: By default, the App Launcher is shown every time a user opens a new tab page. If you enable or don’t configure this policy, there is no change on the Microsoft Edge new tab page and App Launcher is there for users. However, if you disable this policy, App Launcher doesn’t appear and users won’t be able to launch M365 apps from Microsoft Edge’s new tab page via the App Launcher. Location: NewSmartScreenLibraryEnabled
Security Enhancements
The following 25 security vulnerabilities have been addressed in Edge 108:
Update to Edge 108
If you already have Microsoft Edge on your PC, you can simply upgrade it to the latest build using the guide given further down below. If not, use the links given in the next section to install it now. Microsoft Edge comes preinstalled in Windows 11 and 10. Learn how to uninstall Microsoft Edge. If you wish to reinstall Edge, you can go here. Once it relaunches, you can return to the About page and check that it has been updated to version 108.0.1462.42.Edge successfully updated Click on the ellipses in the top-right corner of the browser, expand Help and feedback, and then click About Microsoft Edge. Edge will now begin to scan for an update, and then download and install it if one is available. Once the download is completed, you will need to Restart the browser. If you want to download Edge 108 for offline installation, you can visit the following page which lists several methods to download and upgrade your Microsoft Edge browser. Download Microsoft Edge Browser.
Download Security Baseline for Microsoft Edge 108
Security baselines are Microsoft-recommended configuration settings that add an additional layer of security to your environment. However, Microsoft has made minor changes to Microsoft Edge v107 Security Baseline and it is still their recommended baseline for Edge 108, as noted in their announcement. This Baseline now includes 4 new computer settings and 4 new user settings. The following table contains the details of the new security settings included in Edge v107 Security Baseline:Security Setting ForDetailsLocation within Windows RegistryMachineSet the default “share additional operating system region” settingHKLM\Software\Policies\Microsoft\Edge!DefaultShareAdditionalOSRegionSettingMachineTLS Encrypted ClientHello EnabledHKLM\Software\Policies\Microsoft\Edge!EncryptedClientHelloEnabledMachineSet the default “share additional operating system region” settingHKLM\Software\Policies\Microsoft\Edge\Recommended!DefaultShareAdditionalOSRegionSettingMachineHide App Launcher on Microsoft Edge’s new tab pageHKLM\Software\Policies\Microsoft\Edge!NewTabPageAppLauncherEnabledUserSet the default “share additional operating system region” settingHKCU\Software\Policies\Microsoft\Edge!DefaultShareAdditionalOSRegionSettingUserTLS Encrypted ClientHello EnabledHKCU\Software\Policies\Microsoft\Edge!EncryptedClientHelloEnabledUserSet the default “share additional operating system region” settingHKCU\Software\Policies\Microsoft\Edge\Recommended!DefaultShareAdditionalOSRegionSettingUserHide App Launcher on Microsoft Edge’s new tab pageHKCU\Software\Policies\Microsoft\Edge!NewTabPageAppLauncherEnabledNew security settings in Security Baseline for Edge 108 To gain more control over the browser and your PC, you can install this security baseline using the given steps: The script will now run automatically. Wait for the PowerShell window to close on its own, and the security baseline for Microsoft Edge 108 will now be installed. Check the box next to Microsoft Edge v108 Security Baseline.zip (and any other baselines you may require) and then click Next. Your download should now begin. When downloaded, extract the files into a separate folder. Right-click Baseline-LocalInstall and click on Run with PowerShell from the context menu. To run the baseline for Active Directory, you should run the Baseline-ADImport script instead.
Conclusion
This version of Edge was released a little later than usual. Probably because it was also meant for the Extended Stable channel. Regardless, we are glad that it addresses some of the actively-exploited vulnerabilities today to keep our browsing experience safe. Also see:
Microsoft Edge 105 Released With Critical Security Fixes, Security Baseline; Still Might CrashDownload Microsoft Edge 106 That Rewrites Defender SmartScreen LibraryDownload Microsoft Edge 106 Security BaselineDownload Microsoft Edge 98 Security BaselineMicrosoft Edge 107: New Sidebar, New Policies and Security Updates
