Microsoft Edge Super Duper Secure Mode

The new Super Duper Secure Mode in Edge settings. (Image credit: Future)

Microsoft Edge security

The main way in which Super Duper Secure Mode shields users from attack is by disabling a browser technology known as the Just in Time Engine (JIT), the role of which is to accelerate JavaScript tasks.

According to Johnathan Norman, Microsoft Edge Vulnerability Research Lead, almost half of all security issues that affect the V8 JavaScript engine are caused by JIT. So by disabling JIT, Microsoft is able to reduce the level of threat dramatically, in one fell swoop.

When active, Super Duper Secure Mode also enables control-flow enforcement technology (CET), a hardware-based exploit mitigation from Intel, and arbitrary code guard (ACG). Both security features were previously set to off by default, for performance-related reasons.

“Performance and complexity often come at a cost, and often we bear this cost in the form of security bugs and subsequent patches,” wrote Norman when the new mode was first announced.

“This reduction in attack surface kills half of the bugs we see in exploits and every remaining bug becomes more difficult to exploit. To put it another way, we lower costs for users but increase costs for attackers.”

Super Duper Secure Mode can be switched on at the foot of the Privacy tab in the Edge settings menu.

  • Also check out our list of the