Microsoftedgesetup



Listen folks, none of us give a damn about this new update. It sucks, it's horrible, it doesn't work, we can't uninstall it, we can't disable it or put something else at default. There are thousands of. Microsoft Edge is the best browser for shopping. Microsoft Edge is the only browser with built-in tools to help you save time and money when shopping online.

[German] Microsoft has been offering the new Chromium-based Edge browser for a few days now. However, the security of the provided Windows installer is quite poor.


It was another ‘harmless’ mail I received from German security expert Stefan Kanthak. He asked me about the new Chromium-based Edge browser from Microsoft:

have you already installed MicrosoftEdgeSetup.exe on Windows 7?

The installation program (a self-extractor) is once again industrial-common insecure and broken junk…

At this point I was curious and wanted to test it myself. So I quickly downloaded the installer and copied it into my test bed.

The test bed is provided by Stefan Kanthak, who deals with such security issues. You can download the file Forward.cab from his website and extract it into a folder. There is also a Sentinel.exe, which also needs to be copied into this folder. The folder is then the test bed.

Note: If a virus scanner raises an alarm when you visit Kanthak’s website: he delivers the EICAR test virus in a data block attribute on his website to test whether browsers evaluate it and load it into memory for execution. A virus scanner should then be triggered.

Installer Security Issues

With regard to the setup program (.exe file), Stefan Kanthak describes the following topics that caught my attention:

  • 0. Only plus point: it does not request administrator rights at start-up;
  • 1. but it loads at least VERSION.dll from its “application directory”;
How

However, when I listed the setup file MicrosoftEdgeSetup.exe, it wanted administrator privileges through User Account Control. There was also no alert when running it in my testbed.

After an exchange of mails with Stefan Kanthak, the facts were clear. The Edge Setup file that loads the browser from the Internet does not need administrator rights. Rather, the program loads and unpacks the files needed for Edge into a temporary directory before running. So it was clear why the testbed did not work. I then launched the downloaded setup exe file with the command:


MicrosoftEdgeSetup.exe /?

The installer and unpacker does not support options, but tries to call certain DLLs. And there I already got several warnings (see following picture) that DLL files would be reloaded from the current directory.

So the installer is vulnerable to DLL hijacking, at least during unpacking. I have already warned here in the blog about several tools with such vulnerabilities. Unfortunately, Microsoft is also often represented among them with its installers.
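Why a DLL lying next to the installer wins, shown as an added example (not code from the original post or from Kanthak's test bed): a simplified model of the Windows desktop DLL search order, run over a constructed directory layout. The function names, the KnownDLLs set and the layout are assumptions for illustration; the page itself names only VERSION.dll.

```python
import os
import tempfile

def resolve_dll(name, app_dir, system_dir, cwd, known_dlls):
    """Return (origin, path) chosen by a simplified desktop DLL search order."""
    wanted = name.lower()
    if wanted in known_dlls:
        # KnownDLLs are mapped from the system directory without any search.
        return "KnownDLLs", os.path.join(system_dir, name)
    # Safe search mode: application directory first, current directory late.
    # (Windows directory and PATH entries are omitted to keep this short.)
    for origin, folder in (("application directory", app_dir),
                           ("system directory", system_dir),
                           ("current directory", cwd)):
        for entry in sorted(os.listdir(folder)):
            if entry.lower() == wanted:  # Windows file names are case-insensitive
                return origin, os.path.join(folder, entry)
    return "not found", None

def audit(imports, app_dir, system_dir, cwd, known_dlls):
    """List imports that would be satisfied from outside the system directory."""
    findings = []
    for name in imports:
        origin, _ = resolve_dll(name, app_dir, system_dir, cwd, known_dlls)
        if origin in ("application directory", "current directory"):
            findings.append((name, origin))
    return findings

def build_testbed(root, plant=True):
    """Constructed layout: a Downloads folder and a stand-in system directory."""
    downloads = os.path.join(root, "Downloads")
    system32 = os.path.join(root, "System32")
    os.makedirs(downloads)
    os.makedirs(system32)
    for folder, name in ((downloads, "MicrosoftEdgeSetup.exe"),
                         (system32, "version.dll"), (system32, "kernel32.dll")):
        open(os.path.join(folder, name), "wb").close()
    if plant:  # stand-in for any DLL already lying next to the installer
        open(os.path.join(downloads, "VERSION.dll"), "wb").close()
    return downloads, system32

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        downloads, system32 = build_testbed(root)
        # Constructed inputs: the import list and KnownDLLs set are samples.
        print(audit(["VERSION.dll", "kernel32.dll"], downloads, system32,
                    downloads, {"kernel32.dll"}))
```

An empty result from `audit` for a download folder means none of the listed imports would be picked up from beside the installer.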


Unpack/download to a temp directory

Stefan Kanthak then noticed that the installer writes the files into the Temp folder of the user profile when it is executed:

it creates a subdirectory EUT<abcd>.tmp in the %TEMP% folder, into
which it unpacks its payload (see following list):

…\EU753E.tmp\MicrosoftEdgeUpdate.exe
…\EU753E.tmp\msedgeupdate.dll
…\EU753E.tmp\MicrosoftEdgeUpdateBroker.exe
…\EU753E.tmp\MicrosoftEdgeUpdateOnDemand.exe
…\EU753E.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
…\EU753E.tmp\MicrosoftEdgeComRegisterShellARM64.exe
…\EU753E.tmp\psmachine.dll
…\EU753E.tmp\psmachine_64.dll
…\EU753E.tmp\psmachine_arm64.dll
…\EU753E.tmp\psuser.dll
…\EU753E.tmp\psuser_64.dll
…\EU753E.tmp\psuser_arm64.dll
…\EU753E.tmp\NOTICE.TXT
…\EU753E.tmp\MicrosoftEdgeUpdateCore.exe
…\EU753E.tmp\msedgeupdateres_am.dll

…\EU753E.tmp\msedgeupdateres_uz-Latn.dll
…\EU753E.tmp\MicrosoftEdgeUpdateSetup.exe

I could not find this directory on my drive. Later I found out that the installer deletes this directory after the installation. Only when I looked again during the setup process was the temporary folder there.

Malware has write and execute rights to temp

The Temp folder in the user profile can be filled with files by the user, including malware, at any time. Malware can therefore easily overwrite Edge’s setup files in the Temp folder. These would then be executed during setup, and the malware would receive administrator rights from the installer. Stefan Kanthak writes about another problem:

3. unfortunately the subdirectory, and thus the unpacked files, inherit the inheritable NTFS access rights of %TEMP% … which for 20 years has included the entry

(D;OIIO;WP;;;WD) alias “Prohibit file execution”

So this crap of installer, created by bloody beginners, failed in an attempt to launch EU753E.tmp\MicrosoftEdgeUpdate.exe without a further error message!

4. after I changed the NTFS access rights of …\EU753E.tmp\* before launching …\EU753E.tmp\MicrosoftEdgeUpdate.exe the installer crap shows the window below with error code 0x80040C01.

This error code seems to be a universal code. This is because the error also appears when calling the setup program with the /? switch. Stefan Kanthak writes that the Help button displayed in the window calls the standard browser with this troubleshooting page. Unfortunately, the error code 0x80040C01 is not explained there.

The TenForums website does document error codes, but the above code is not included. The conclusion remains that the Edge Installer is not that exciting from a security point of view. Not so nice …
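An added example, not from the original post or from Stefan Kanthak: it decodes the access control entry quoted above, written in the standard six-field SDDL form, and applies the Windows ACE inheritance rules to show why the EU753E.tmp subdirectory only carries the entry while the files unpacked into it are denied execution. The function and table names are illustrative assumptions.

```python
import re

ACE_TYPES = {"A": "allow", "D": "deny"}
TRUSTEES = {"WD": "Everyone"}
# On a file, the SDDL right WP (bit 0x20) is FILE_EXECUTE.

def parse_ace(sddl):
    """Split one SDDL ACE: type;flags;rights;object;inherit_object;trustee."""
    fields = sddl.strip().strip("()").split(";")
    if len(fields) != 6:
        raise ValueError("an SDDL ACE has exactly six fields: %r" % sddl)
    ace_type, flags, rights, _obj, _inherit_obj, trustee = fields
    return {"type": ACE_TYPES[ace_type],
            "flags": set(re.findall(r"[A-Z]{2}", flags)),
            "rights": set(re.findall(r"[A-Z]{2}", rights)),
            "trustee": TRUSTEES.get(trustee, trustee)}

def inherited_ace(ace, child_is_dir):
    """ACE a newly created child receives from its parent, or None."""
    flags = ace["flags"]
    if not child_is_dir:
        # Files take object-inherit (OI) ACEs as effective entries.
        return dict(ace, flags={"ID"}) if "OI" in flags else None
    if "CI" in flags:
        # Effective on the subdirectory; NP stops further propagation.
        keep = set() if "NP" in flags else flags & {"OI", "CI"}
        return dict(ace, flags=keep | {"ID"})
    if "OI" in flags and "NP" not in flags:
        # OI without CI: the subdirectory only carries it for files below.
        return dict(ace, flags={"OI", "IO", "ID"})
    return None

def denies_execute(ace):
    """True if the ACE is effective on this object and denies FILE_EXECUTE."""
    return (ace is not None and ace["type"] == "deny"
            and "IO" not in ace["flags"] and "WP" in ace["rights"])

def trace(temp_ace):
    """Follow the ACE from %TEMP% to a subdirectory and a file unpacked into it."""
    on_subdir = inherited_ace(parse_ace(temp_ace), child_is_dir=True)
    on_file = inherited_ace(on_subdir, child_is_dir=False)
    return {"subdir_flags": sorted(on_subdir["flags"]),
            "subdir_blocked": denies_execute(on_subdir),
            "file_flags": sorted(on_file["flags"]),
            "file_blocked": denies_execute(on_file)}

if __name__ == "__main__":
    print(trace("(D;OIIO;WP;;;WD)"))
```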


About Microsoft Edge


With a rather dismal reputation with its Internet Explorer browser, Microsoft had to come up with something to rival the giants in the Internet web browser market which had essentially been taken over by the likes of Google with its Google Chrome. That's where Microsoft Edge 90.0.818.42 comes into play. The new web browser by MS is a completely new browser that is powered by the same open source software called Chromium, a project started by Google employees which eventually led to the creation of the Chrome browser. This download is licensed as freeware for the Windows (32-bit and 64-bit) operating system/platform without restrictions. Microsoft Edge is available to all software users as a free download for Windows.

Is Microsoft Edge safe to download?

We tested the file MicrosoftEdgeSetup.exe with 22 antivirus programs and it turned out 100% clean. It's good practice to test any downloads from the Internet with trustworthy antivirus software.

Does Microsoft Edge work on my version of Windows?

Older versions of Windows often have trouble running modern software and thus Microsoft Edge may run into errors if you're running something like Windows XP. Conversely, much older software that hasn't been updated in years may run into errors while running on newer operating systems like Windows 10. You can always try running older programs in compatibility mode.

Officially supported operating systems include 32-bit and 64-bit versions of Windows 10, Windows 8 and Windows 7.

What versions of Microsoft Edge are available?

The current version of Microsoft Edge is 90.0.818.42 and is the latest version since we last checked. This is the full offline installer setup file for PC. This site has hosted other versions of it in the past such as 89.0.774.77, 89.0.774.68, 89.0.774.63, 89.0.774.57 and 89.0.774.54. At the moment, only the latest version is available.

What type of file formats are supported?

The program currently supports over 5 video formats including AVI, EVO, MOV, MPE and OGG.


What type of graphical file formats are supported?

Microsoft Edge supports over 3 common image formats including MPO, NEF and RAW.

Alternatives to Microsoft Edge available for download

  • Chromium x64
  • Chromium Portable
    A portable version of the open source Chromium browser.
  • SRWare Iron Portable
    Portable version of the stripped-down Chromium-based browser.
  • SRWare Iron
    Privacy-aware version of Google's Chrome browser, powered by Chromium.
  • Opera Developer
    The cutting edge version of the Opera browser based on Chrome.
  • Chromium
    A very fast and free open-source web browser with a minimalist design, stable build and full support for extensions from the Google Chrome store.
  • SuperBird Browser
    A modified version of Google Chrome which does not integrate with Google services.
  • Comodo Dragon Browser
  • AOL Shield
    Chromium-based web browser from America Online which provides a number of security and privacy features.
  • Chrome Cleanup Tool
    Removes any software or issues that disrupt Google's Chrome browser.