We have reviewed the settings in Microsoft Edge version 95 and updated our guidance with the addition of 2 settings. A new Microsoft Edge security baseline package was just released to the Download Center. You can download the version 95 package from the Security Compliance Toolkit.
Enable browser legacy extension point blocking
To improve reliability and security, this new setting blocks certain code injections from legacy third-party utilities. This setting is enabled by default and will be enforced with a value of ‘enabled’ in the baseline.
Specifies whether the display-capture permissions-policy is checked or skipped
This setting exists as a temporary compatibility mitigation to allow web applications using the getDisplayMedia() API to bypass a permission policy check required by the API specification. This setting is enabled by default and will be enforced with a value of ‘enabled’ in the baseline until version 100, when this setting will become deprecated and the setting will be permanently enabled.
Microsoft Edge version 95 introduced 11 new computer settings, 11 new user settings, and removed 3 settings. We have included a spreadsheet listing the new settings in the release to make it easier for you to find them.
As a friendly reminder, all available settings for Microsoft Edge are documented here, and all available settings for Microsoft Edge Update are documented here.
Please continue to give us feedback through the Security Baseline Community or this post.
Source: Security baseline for Microsoft Edge v95
