Microsoft has just revealed one new method it's using to tackle unwanted extensions or add-ons, such as toolbars. Edge on Windows 10 will block all so-called dynamic link libraries (DLLs) from running on Edge unless Microsoft has signed them.
Users who've discovered unwanted toolbars or third-party content injected onto pages can likely trace the behaviour back to injected DLLs.
"The attacker is trying to colonize the browser, and loading DLLs provides the attacker with a handy cargo pallet full of supplies. Blocking unauthorized DLL injection makes browser exploits more difficult and more expensive for attackers to carry out," Crispin Cowan, a senior program manager on Microsoft Edge, said.
Allowing uninvited DLLs to be injected into Edge would have undermined its prior work in hardening its new browser against other common threats on the web.
The new DLL-blocking feature rolled out with EdgeHTML 13, the latest version of Microsoft's rendering engine in Edge that arrived in Windows 10 updates last week.
The feature prevents DLLs from being injected into browser processes unless they're Windows components or signed device drivers for hardware like the webcam that need to run in the browser to function.
"DLLs that are either Microsoft-signed, or WHQL (Windows Hardware Quality Lab)-signed, will be allowed to load, and all others will be blocked. 'Microsoft-signed' allows for Edge components, Windows components and other Microsoft-supplied features to be loaded," said Cowan.
Windows 1.0 to 10: The changing face of Microsoft's landmark OS
Microsoft boasted that with these changes Edge becomes "the first and only PC browser with library content integrity protection", though Cowan admitted it isn't a "silver bullet" for all future threats.
The company has run tests on the efficacy of the signed-only system with fans in Microsoft's Windows Insiders Program in a build released in September.
"From a sample of about 65,000 Windows Insider users of 10547, module code integrity protected 2704 users from attempts to load adware and malware," Cowan said.