Microsoft Rolling Out Automatic HTTPS In Edge Browser To Secure Web Traffic, Block MitM attacks, More

Microsoft Rolling Out Automatic HTTPS In Edge Browser To Secure Web Traffic, Block MitM Attacks, More

Microsoft added an Automatic HTTPS feature to its Edge browser. The feature will automatically switch users to secure connections when they browse websites over HTTP.

The feature, which was added to the Microsoft 365 roadmap earlier this year, is in preview and is gradually rolling out to select users of MS Edge 92.

Automatic HTTPS will be automatically connecting our web connections to secure websites, Microsoft said today:

“Automatic HTTPS switches your connections to websites from HTTP to HTTPS on sites that are highly likely to support the more secure protocol.”

Microsoft has compiled a list of websites that support HTTPS based on its analysis of the Internet:

“The list of HTTPS-capable websites is based on Microsoft’s analysis of the web, and helps enable a more secure connection on hundreds of thousands of top domains.”

HTTPS is a protocol for secure connection that prevents unauthorized individuals or groups from accessing your web traffic. Using HTTPS while browsing the web helps prevent unauthorized access to your data while it’s in transit, Microsoft explains.

By automatically switching to an HTTPS connection, the Edge browser will block MitM attacks and tampering with unencrypted HTTP web traffic. Data including passwords, credit card info, and other sensitive info sent and received over HTTP can be easily harvested by malicious programs running on a compromised machine.

You can test it right now by opening edge://settings/privacy and turning on “Automatically switch on more secure connections” in Edge.

If the feature has been rolled out to you yet, you can enable it by going to edge://flags/#edge-automatic-https, turning on “Automatic HTTPS,” and restarting the browser.

The HTTPS settings will kick in automatically and will allow you to browse the Web as usual without giving any alerts.

If a website does not support HTTPS, then automatic switching to this secure protocol is not performed. However, you can switch it on manually for all connections, but will likely lead to connection errors.

Microsoft is not the first major vendor to add this feature, as many web browsers, Google Chrome and Mozilla are among them, automatically use HTTPS.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.