Microsoft Edge 138 introduces new policies and asks IT admins to test key features

Last week, Microsoft released Edge version 138, bringing AI-powered history search, performance notifications, and a new consent toggle for autofill settings. Alongside these user-facing features, Microsoft has added six new policies for IT administrators to review and test.

What IT admins need to know

While the security baseline remains unchanged from Edge 128, Microsoft encourages IT teams to focus on two preview settings that will be enabled by default in future updates:

• TLS 1.3 Early Data: This boosts HTTPS performance by sending requests during the TLS handshake. Admins are asked to test this to catch any compatibility issues.
• Blocking Public Website Requests to Local Network Devices: It is designed to improve security by preventing malicious sites from accessing local network devices like printers or APIs. Admins should verify it doesn’t block legitimate requests.

Microsoft notes a label marking this second policy as deprecated is an error and will be fixed soon.

The full list of new policies in Edge 138

• TLS13EarlyDataEnabled: This one controls TLS 1.3 Early Data
• LocalNetworkAccessRestrictionsEnabled: It blocks public site access to local devices
• BuiltInAIAPIsEnabled: Allows webpages to use built-in AI APIs
• EdgeHistoryAISearchEnabled: Controls access to AI-powered history search
• PrefetchWithServiceWorkerEnabled: It enables prefetching for ServiceWorker URLs
• EdgeOpenExternalLinksWithPrimaryWorkProfileEnabled: Opens links using the Primary Work Profile by default

For full details, IT admins can check the official Microsoft Edge policies documentation.