28 June 2020, 0 Comments

Automatic delivery of Microsoft Edge

As you may or may not be aware, Microsoft have been planning to replace their Edge browser with a new Chromium-based Edge browser. Basically Chromium is an open-source web browser engine which sounds suspiciously like another web browser commonly used. Yep, Chromium is a an open-source project by Google, used or course by Chrome and many other web browsers.

As one of the most used web browser engines it makes total sense for Microsoft to forget about developing their own, and it’s probably about time, they’ve had a number of shots at it and it’s really only cost them.

Anyway, this month (January 15) Microsoft will begin rolling out the new Chromium Edge browser via Microsoft Updates and every device running Windows 10 1803 and above will be automatically updated. YEAY I hear you say! Or maybe not. Let’s face it, nobody wants to be the first when it comes to Microsoft updates, and having a new browser just replace the existing Edge on your device may not provide the user experience you’re looking for. Not to worry, Microsoft have provided a toolkit to block the automatic update (assuming you don’t use WSUS).

The new Microsoft Edge based on Chromium features tight Office 365 integration with the new tab page, some organisations may not be ready to make the switch just yet.

The toolkit can be found here and once downloaded and extracted contains two methods to block, via a script or via group policy. Either way a new registry setting is created on the client here:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EdgeUpdate
Value: DoNotUpdateToEdgeWithChromium
Type: DWord
Value: 1

Setting the above value will prevent the new edge from automatically installing. Deleting this value or setting it to 0 will unblock. However there is something to note:

Note: This registry setting is not stored in a policies key and is considered a preference. Therefore, if the Group Policy Object that implements the setting is ever removed or the policy is set to Not Configured, the setting will remain. To unblock distribution of Microsoft Edge (Chromium-based) by using Group Policy, set the policy to Disabled.

Bearing this in mind, deploying the registry change via script instead of GPO may be the preferred method to avoid having phantom GPO applying in future.

Personally I think all browsers running on the same engine is a win, but there’s no harm in being cautious when it comes to the first release.