Details

Sets the ProcessExtensionPointDisablePolicy on Microsoft Edge’s browser process to block code injection from legacy third party applications.

If you enable or don’t configure this policy the ProcessExtensionPointDisablePolicy is applied to block legacy extension points in the browser process.

If you disable this policy the ProcessExtensionPointDisablePolicy is not applied to block legacy extension points in the browser process. This has a detrimental effect on Microsoft Edge’s security and stability as unknown and potentially hostile code can load inside Microsoft Edge’s browser process. Only turn off the policy if there are compatibility issues with third-party software that must run inside Microsoft Edge’s browser process.

Solution

Policy Path: Microsoft Edge
Policy Setting Name: Enable browser legacy extension point blocking

Supportive Information

The following resource is also helpful.

• https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-edge-v96/ba-p/2997665

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|CM-6b.

Source

• Tenable.com/audits