![Full Logo.png]](https://help.devicie.com/hs-fs/hubfs/Full%20Logo.png?height=30&name=Full%20Logo.png){kind=small}
ACSC E8 Nov 2023-ML1 User app hardening-MS Edge
Overview:
The Devicie Essential Eight Maturity Level 1 User Application Hardening (Nov 2023) Edge configuration is to meet the Australian Cyber Security Centre’s guidance for this mitigation strategy. This configuration is specifically for the vendors (Microsoft Edge) guidance, released in July 2022 for the Edge browser.
Intune Description:
E8 ML1 User App Hardening (Nov 2023) - ACSC MS Edge
Scope:
This baseline should be applied to Windows devices. Must be deployed with “ACSC E8 Nov 2023-ML1 User app hardening”.
Policy Impact Areas:
When deployed, this policy will impact:
-
Block intrusive ads.
- Enable Microsoft SmartScreen.
Deployment Notes
-
Pre-Deployment Considerations:
-
N/A
-
-
Post-Deployment Validation:
-
Review Edge configuration. Check Attack Surface Reduction rule has been enabled to block executable content from email client and webmail.
-
Known Issues and Resolutions
-
Issue 1: None at this time
-
Resolution: N/A
-
Configuration Settings:
|
Name |
Value |
|
Microsoft Edge |
|
|
Allow local MHTML files to open automatically in Internet Explorer mode |
Disabled |
|
Allow unconfigured sites to be reloaded in Internet Explorer mode |
Disabled |
|
Allow users to proceed from the HTTPS warning page |
Disabled |
|
Enable browser legacy extension point blocking |
Enabled |
|
Enable site isolation for every site |
Enabled |
|
Enhance images enabled (obsolete) |
Disabled |
|
Force WebSQL to be enabled |
Disabled |
|
Show the Reload in Internet Explorer mode button in the toolbar |
Disabled |
|
Specifies whether SharedArrayBuffers can be used in a non cross-origin-isolated context |
Disabled |
|
HTTP authentication |
|
|
Allow Basic authentication for HTTP |
Disabled |
|
Supported authentication schemes |
Enabled |
|
Supported authentication schemes (Device) |
ntlm,negotiate |
|
Native Messaging |
|
|
Allow user-level native messaging hosts (installed without admin permissions) |
Disabled |
|
SmartScreen settings |
|
|
Configure Microsoft Defender SmartScreen |
Enabled |
|
Configure Microsoft Defender SmartScreen to block potentially unwanted apps |
Enabled |
|
Prevent bypassing Microsoft Defender SmartScreen prompts for sites |
Enabled |
|
Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads |
Enabled |
|
Typosquatting Checker settings |
|
|
Configure Edge Website Typo Protection |
Enabled |
|
Devicie Template Name |
ACSC E8 Nov 2023-ML1 User app hardening-MS Edge |
|
Default Intune Deployed Name |
Devicie - ACSC E8 Nov 2023-ML1 User app hardening-MS Edge |
|
Version |
1.0 |
|
Template Last Updated |
Nov 18, 2024 |
|
Document Last Updated: |
Jul 24, 2025 |