Details

Specifies whether SharedArrayBuffers can be used in a non cross-origin-isolated context. A SharedArrayBuffer is a binary data buffer that can be used to create views on shared memory. SharedArrayBuffers have a memory access vulnerability in several popular CPUs.

If you enable this policy sites are allowed to use SharedArrayBuffers with no restrictions.

If you disable or don’t configure this policy sites are allowed to use SharedArrayBuffers only when cross-origin isolated.

Microsoft Edge will require cross-origin isolation when using SharedArrayBuffers from Microsoft Edge 91 onward for Web Compatibility reasons.

Solution

Policy Path: Microsoft Edge
Policy Setting Name: Specifies whether SharedArrayBuffers can be used in a non cross-origin-isolated context

Supportive Information

The following resource is also helpful.

• https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-edge-v99/ba-p/3249241

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|CM-6b.

Source

• Tenable.com/audits