Changes in Edge: TLS certificate validation, no more uninstall, Server 2012/R2 support

Edge[German]Starting with Microsoft Edge 110, Microsoft changes the verification of TLS certificates and decouples them from the host. In Edge 109, Microsoft has probably removed the uninstall function, and there will still be Edge support for Windows Server 2012 R2 until October. I have pulled out some topics around the Microsoft Edge.


Advertising

Currently, Microsoft is rebuilding the functionality of the Edge browser. In the blog post Microsoft Edge gets Adobe Acrobat as PDF reader I had reported about plans to integrate the Adobe Reader rendering engine. And in the blog post Edge 110.0.1587.41 with new policies and Azure AD Sync, I had pointed out that the new Edge in version 110 now offers a way to send files and notes across all logged-in mobile and desktop devices by means of the Drop feature. Administrators can control the availability of Drop via the EdgeEDropEnabled policy. But there are some other changes that have already been touched on in the blog, but I want to bring them up again.

And on the distant horizon is the "Phoenix" project, where Edge is supposed to get a modern design like Windows 11. MS Power User had published this article about it a few days ago.

By the way, if not yet known, Microsoft has published the Microsoft Edge Mobile – Policies support article at the end of 2022.

Uninstall disabled from Edge 109

The days there was this comment in my German blog, asking: Maybe it would be time (if I have not overlooked it) to write here an uninstall option for Edge pure. It's understandable, but in the meantime it's no more possible. In this German comment, blog reader Ben points out the following:

Already noticed? Edge has secretly disabled the uninstall function completely!
(setup.exe -uninstall -system-level -verbose-logging -force-uninstall) as of now without any function, see various threads on the Internet for example in the Deskmodder forum.

At deskmodder.de I found for example this comment from DK2000 about it. Here someone claims that the uninstallation is still possible with tricks though.

Edge 109: Support in Windows Server 2012/R2

I had already touched on it in the blog – Edge version 109 is the last browser version that is still supported on Windows 7 SP1, Windows 8.1 and the server variants. Would not be so tragic for Windows 7 SP1 and Windows 8.1, as they have fallen out of support in January 2023.

Problem, however, is Windows Server 2012 / R2, which is still in support by Microsoft until October 2023. A blog reader pointed out in this German comment that the Edge for these server variants still receives support until October 2023. Specifically, the Edge 109 will receive security updates for these server versions. Microsoft has documented this in theMicrosoft Edge supported Operating Systems support document. It states there:


Advertising

Microsoft Edge version 109 will be the last version supported on Windows Server 2012 and Windows 2012 R2. Microsoft Edge version 109 will receive critical security fixes and bug fixes for known exploit flaws on these platforms until October 10, 2023.

Now a new hurdle may arise right away: Just in case, where does one get an older Edge 109 version to install. I haven't tested it, but refer to this German comment thread on Google Chrome. The latter's web installer pulls Chrome 110 on Windows Server 2012 R2, which is then not targeted.

Edge 110 and TLS certificates

I had already addressed it here on the blog, but the topic was brought again to my attention again by an unnamed reader (thanks for the reminder), as Edge 110 is now rolling out (see Edge 110.0.1587.41 with new policies and Azure AD Sync). The reader wrote:

Hi – you have noticed that the Edge now changes the behavior for the RootCa. In the future it looks first at the MS, whether the RootCert is valid, and if there is nothing first in the local storage for RootCa Zerts.

This means that the admin loses the power to decide about the RootCa Certs. The fewest care and let the RootCas patch from MS, but some administrators may be annoyed. Authorities e.g. […]

In real life I haven't met anyone who was aware of where the RootCa Certs come from – or thought about it, except for the federal government, ministry of interior and such people.

I addressed the issue in the blog post Edge 109.0.1518.49 in the section Attention with the Edge 110. The Edge version 110 is not only the first version that only runs from Windows 10. Microsoft points out a change in the verification of TSL here. Details can be found in the article Changes to Microsoft Edge browser TLS server certificate verification.


Advertising

This entry was posted in browser, Windows and tagged . Bookmark the permalink.

2 Responses to Changes in Edge: TLS certificate validation, no more uninstall, Server 2012/R2 support

  1. EP says:

    Edge "Uninstall" not disabled on Win10 LTSC editions – I can still remove/uninstall edge via MSI installer when selecting the "uninstall" option on LTSC.
    maybe on non-ltsc w10 editions like on win10 home/pro/education/enterprise, edge uninstalls might be "disabled" or blocked

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).