The Microsoft Edge Vulnerability Research team announced a few days ago that experimenting with a new function in the browser. The experiment involves intentionally disabling the JIT compiler JavaScript and WebAssembly, thereby you get a major optimization and performance improvement to enable more advanced security updates in what the company calls Edge Super Duper Secure Mode.
The company explained that the idea is to reduce the attack surface of the exploits modern systems that are based on JavaScript flaws and dramatically increase the cost of operation for attackers.
Microsoft mentions that Chromium, which in turn is based on the JavaScript V8 engine, an open source engine, comes with a JIT compiler which plays a crucial role in all current web browsers and works by taking JavaScript and compiling it into machine code in advance. so if the browser needs this code, it will speed up, if it doesn't need it, the code is deleted.
That said, browser vendors agree that JIT compiler support in V8 is complex as very few people understand it and it has a low margin for error.
Based on CVE data collected since 2019, approximately 45% of vulnerabilities found in the JavaScript engine and WebAssembly V8 were related to the JIT compiler, or more than half of all vulnerabilities in Chrome.
“Websites don't require JavaScript, what really needs it are single-page web applications with anti-templates like infinite scrolling. You get two things in return, a super duper fast web and a more secure web browser. For example, Amazon very well supports use without JavaScript. Another experiment is Stackoverflow, things like preview and highlighting don't work. The highlighting can be added with server-side code, but it will cost CPU time, and it is not your CPU time. Is it your CPU time? »We read in the comments.
That is why encouraged by these results, the Edge team is currently working in what the virtual reality team calls "Super Duper Secure Mode", an Edge configuration in which you disable the JIT compiler and enable three other security features, including Intel's CET (ControlFlow-Enforcement Technology) technology and the Windows ACG (Arbitrary Code Guard) system - two features that would normally conflict with the implementation of JIT V8.
"By disabling the JIT compiler, we can enable mitigations and make it more difficult to exploit security bugs in any component of the rendering process," he wrote. This reduction in attack surface kills half of the bugs we see in exploits, with each remaining bug becoming harder to exploit. To put it another way, we are reducing costs for users, but increasing costs for attackers. "
However, Microsoft testing found that Edge versions without the JIT compiler they had a 16,9% reduction in load time of the page and a 2,3% reduction in memory usage. But this experiment was only tentative and Super Duper Secure Mode (SDSM) will not be part of the official version of Microsoft Edge any time soon.
However, pre-release users of Microsoft Edge (including Beta, Dev, and Canary) can enable SDSM at edge: // flags / # edge-enable-super-duper-secure-mode and by enabling the new feature.
The news comes shortly after Microsoft Edge revealed a host of new options. Personalization options for users, including the ability to change the default entry regarding permission to autoplay media in the browser, as well as the ability to "turn off" password status alerts for a particular website. Of course, in the community, we appreciate Microsoft's effort to reduce the attack surface for end users who a priori have not requested all the JavaScript that ships on web pages today.
Finally if you are interested in knowing more about, You can check the details in the following link.