April 26, 2024

Microsoft has unveiled a ‘Super Duper Secure Mode’ in the latest version of the Edge browser, offering users greater protection against common vulnerabilities. The feature has been rolled out “secretly” in the latest version, 96.0.1054.29.

Super Duper Secure Mode, also known as SDSM, helps to mitigate browser attacks by disabling the Just-In-Time component in V8, a technology linked to many security vulnerabilities in recent years.

V8 is an open-source JavaScript engine developed by the Chromium Project for Google Chrome and Chromium web browsers. JavaScript engines are “a remarkably difficult security challenge for browsers”, explained Norman, partly due to the use of Just-In-Time (JIT) compilation, also known as speculative optimization. JIT enables engines to convert JavaScript into machine code just before it is executed, resulting in huge gains in speed and usability, but losses for security.

To defend against the plethora of bugs bundled with JIT, Super Duper Secure Mode disables the JIT engine, removing “roughly half” of the issues present. The SDSM feature also enables users to toggle between Balanced and Strict modes, giving them greater control over what is and isn’t enabled.

There are benefits beyond attack surface reduction. Due to how the V8 JIT works, several impactful mitigation technologies do not work during the rendering process.

With JIT disabled, these technologies can also be utilized, for instance Control-flow Enforcement Technology (CET), a new hardware-based exploit mitigation from Intel, and Arbitrary Code Guard (ACG), which cannot be used with JIT engines.

More information on other features bundled with the latest version of Edge is available in the release notes.
