Article Details

Microsoft deprecates Defender Application Guard for some Edge users. Microsoft is deprecating Defender Application Guard (including the Windows Isolated App Launcher APIs) for Edge for Business users. Microsoft Defender Application Guard (MDAG) blocks potential threats by opening them in a secure sandbox using hardware-based virtualization. "Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete," Microsoft explains. Application Guard for Edge protects business customers by automatically opening all untrusted sites in isolated Hyper-V-enabled containers. Enterprise admins define trusted websites and cloud resources to protect the company against potential malware infections when users visit malicious sites. "Microsoft Defender Application Guard, including the Windows Isolated App Launcher APIs, is being deprecated for Microsoft Edge for Business and will no longer be updated," Microsoft announced. Redmond advises customers to check out the Microsoft Edge For Business security whitepaper for more details on the security capabilities that still ship with its Edge for Business web browser. The company introduced MDAG support to the Edge web browser in April 2019 on Windows 10 systems. ​Last month, Redmond announced that it's deprecating Defender Application Guard for Office, including the Windows Security Isolation APIs. ​The announcement came two years after Redmond rolled out Application Guard for Office to all Microsoft 365 customers with eligible licenses and four years after its introduction as part of a limited preview in November 2019. It also advised users to switch to Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative. The company is also dropping VBScript in future Windows releases (30 years after its introduction), making it available as an on-demand feature before its complete removal. Earlier this year, Microsoft also reminded users that it would soon disable insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in Windows. However, it delayed Exchange Online Client Access Rules (CARs) deprecation by one year until September 2024.