With the release of Microsoft Edge 99 on March 4th, 2022, Microsoft has now released its security baseline. Security baselines are Microsoft-recommended configuration settings that add an additional layer of security to your environment.
This release does not introduce any new features to Edge. However, this update includes 17 new computer settings and 12 new user settings, which are discussed further down this post. That said, the security baseline for Edge 98 is still Microsoft’s recommended version.
This baseline is not only effective for network and sysadmins, but also for regular users. Continue to read through this post and learn how to install it.
What is a Security Baseline
Microsoft describes security baselines as follows:
A security baseline is a group of Microsoft-recommended configuration settings that explains their security impact.
Microsoft
Security baselines are a set of additional configurations which give IT professionals more control over their current environment. These new controls are policies that they can configure according to their business and network requirements.
Edge security baselines give granular control of various security aspects to the experts to mold their policies as they want to. Since each individual or organization has different security requirements, these additional policies are configurable accordingly.
Who Needs to Install a Security Baseline
Not everyone who owns a Windows computer needs to install these baselines. If you are on a home computer and use it to play games, browse websites online and perform no work activities, you probably do not need to install this Edge security baseline.
However, if you put in your financial or Personal Identification Information (PII), or perform confidential tasks online, you can use the security baselines to make your system and your information more secure.
Online threats are constantly evolving, and the stock security policies in Windows can take a lot of time to learn and configure. Therefore, security baselines can be installed to protect your devices from potential threats and maintain your system’s integrity.
If you believe you fit the description of a person who could use these security baselines, read on further to learn the details of this release.
New in Edge 99 Security Baseline
Since there are no new features to discuss in this release, the table below contains the details of the new security settings included:
| Security Setting For | Details | Location |
| Machine | Allow Microsoft Edge to block navigations to external protocols in a sandboxed iframe | HKLM\Software\Policies\Microsoft\Edge!SandboxExternalProtocolBlocked |
| Machine | Allow users to access the games menu | HKLM\Software\Policies\Microsoft\Edge!AllowGamesMenu |
| Machine | Configure Related Matches in Find on Page | HKLM\Software\Policies\Microsoft\Edge!RelatedMatchesCloudServiceEnabled |
| Machine | Configure reporting of IE Mode user list entries to the M365 Admin Center Site Lists app | HKLM\Software\Policies\Microsoft\Edge!InternetExplorerIntegrationCloudUserSitesReporting |
| Machine | Configure reporting of potentially misconfigured neutral site URLs to the M365 Admin Center Site Lists app | HKLM\Software\Policies\Microsoft\Edge!InternetExplorerIntegrationCloudNeutralSitesReporting |
| Machine | Define a list of protocols that can not be silently blocked by anti-flood protection | HKLM\Software\Policies\Microsoft\Edge!DoNotSilentlyBlockProtocolsFromOrigins |
| Machine | Enable or disable freezing the User-Agent string at major version 99 | HKLM\Software\Policies\Microsoft\Edge!ForceMajorVersionToMinorPositionInUserAgent |
| Machine | Enable or disable the User-Agent Reduction | HKLM\Software\Policies\Microsoft\Edge!UserAgentReduction |
| Machine | Show Hubs Sidebar | HKLM\Software\Policies\Microsoft\Edge!HubsSidebarEnabled |
| Machine | Show Hubs Sidebar | HKLM\Software\Policies\Microsoft\Edge\Recommended!HubsSidebarEnabled |
| Machine | Enable sign in click-to-action dialog | HKLM\Software\Policies\Microsoft\Edge\Recommended!SignInCtaOnNtpEnabled |
| Machine | Remove Desktop Shortcuts upon updating default | HKLM\Software\Policies\Microsoft\EdgeUpdate!RemoveDesktopShortcutDefault; HKLM\Software\Policies\Microsoft\EdgeUpdate!UpdateDefault |
| Machine | Remove Desktop Shortcuts upon update | HKLM\Software\Policies\Microsoft\EdgeUpdate!RemoveDesktopShortcut{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062} HKLM\Software\Policies\Microsoft\EdgeUpdate!UpdateDefault |
| Machine | Remove Desktop Shortcuts upon update | HKLM\Software\Policies\Microsoft\EdgeUpdate!RemoveDesktopShortcut{2CD8A007-E189-409D-A2C8-9AF4EF3C72AA} HKLM\Software\Policies\Microsoft\EdgeUpdate!UpdateDefault |
| Machine | Remove Desktop Shortcuts upon update | HKLM\Software\Policies\Microsoft\EdgeUpdate!RemoveDesktopShortcut{65C35B14-6C1D-4122-AC46-7148CC9D6497} HKLM\Software\Policies\Microsoft\EdgeUpdate!UpdateDefault |
| Machine | Remove Desktop Shortcuts upon update | HKLM\Software\Policies\Microsoft\EdgeUpdate!RemoveDesktopShortcut{0D50BFEC-CD6A-4F9A-964C-C7416E3ACB10} HKLM\Software\Policies\Microsoft\EdgeUpdate!UpdateDefault |
| Machine | Configure the list of domains for which the password manager UI (Save and Fill) will be disabled | HKLM\Software\Policies\Microsoft\Edge\PasswordManagerBlocklist |
| User | Allow Microsoft Edge to block navigations to external protocols in a sandboxed iframe | HKCU\Software\Policies\Microsoft\Edge!SandboxExternalProtocolBlocked |
| User | Allow users to access the games menu | HKCU\Software\Policies\Microsoft\Edge!AllowGamesMenu |
| User | Configure Related Matches in Find on Page | HKCU\Software\Policies\Microsoft\Edge!RelatedMatchesCloudServiceEnabled |
| User | Configure reporting of IE Mode user list entries to the M365 Admin Center Site Lists app | HKCU\Software\Policies\Microsoft\Edge!InternetExplorerIntegrationCloudUserSitesReporting |
| User | Configure reporting of potentially misconfigured neutral site URLs to the M365 Admin Center Site Lists app | HKCU\Software\Policies\Microsoft\Edge!InternetExplorerIntegrationCloudNeutralSitesReporting |
| User | Define a list of protocols that can not be silently blocked by anti-flood protection | HKCU\Software\Policies\Microsoft\Edge!DoNotSilentlyBlockProtocolsFromOrigins |
| User | Enable or disable freezing the User-Agent string at major version 99 | HKCU\Software\Policies\Microsoft\Edge!ForceMajorVersionToMinorPositionInUserAgent |
| User | Enable or disable the User-Agent Reduction | HKCU\Software\Policies\Microsoft\Edge!UserAgentReduction |
| User | Show Hubs Sidebar | HKCU\Software\Policies\Microsoft\Edge!HubsSidebarEnabled |
| User | Show Hubs Sidebar | HKCU\Software\Policies\Microsoft\Edge\Recommended!HubsSidebarEnabled |
| User | Enable sign in click-to-action dialog | HKCU\Software\Policies\Microsoft\Edge\Recommended!SignInCtaOnNtpEnabled |
| User | Configure the list of domains for which the password manager UI (Save and Fill) will be disabled | HKCU\Software\Policies\Microsoft\Edge\PasswordManagerBlocklist |
Let us now show you how to get this security baseline.
Download and Install Security Baseline for Microsoft Edge v99
Use the guide below to download and install the new Security Baseline for Microsoft Edge. You can also select all the features in the Microsoft Security Compliance Toolkit as per your requirement.
- Open the page for Microsoft Security Compliance Toolkit 1.0. Scroll down and then click Download.
- Check the box next to Microsoft Edge v88 Baseline.zip (and any other baselines you may require) and then click Next.
- Your download should now begin. When downloaded, extract the files.
- When extracted, navigate to the following location within the extracted folder:
Microsoft Edge v98 Security Baseline >> Scripts - Now right-click Baseline-LocalInstall and click on Run with PowerShell from the context menu.
If you want to run the baseline for Active Directory, then you should run Baseline-ADImport script. - The script will now run automatically. Wait for the PowerShell window to close on its own.
You have now successfully installed the latest security baseline for Microsoft Edge 99.
Closing Words
Although this release of the security baseline does not introduce any new features, it still adds a layer of security to protect you and your device while browsing online. Therefore, we recommend you install it using the given guide above to secure your machine and your network.
If you have not updated Edge to version 99 yet, learn how.
