Skip to Content

Is the new Microsoft Edge 143 update critical for your enterprise security?

By: Author Alex Lim

Posted on

Categories Edge

Home » Browser » Edge » Is the new Microsoft Edge 143 update critical for your enterprise security?

Why does the Edge 143 security baseline still rely on version 139 configurations?

Microsoft deployed Edge Stable Channel version 143.0.3650.66 on December 4, 2025. This release serves two primary functions: patching critical security holes and refining browser performance. Alongside this binary update, the security team concluded their review of the accompanying Security Baseline. Administrators must understand how these two components—the software update and the configuration baseline—interact to maintain a secure environment.

Critical Security Patches in Version 143

The immediate priority for IT professionals is the deployment of version 143.0.3650.66. This update addresses 14 distinct security vulnerabilities. Neglecting this patch leaves endpoints exposed to known exploits.

Key Security Fixes:

  • Edge-Specific Vulnerability: The update resolves CVE-2025-62223. This flaw is specific to Microsoft’s implementation of the browser and requires immediate attention.
  • Chromium Foundation Fixes: Since Edge utilizes the Chromium engine, it inherits vulnerabilities found in Google Chrome. This release incorporates fixes for issues identified in Chrome version 143.0.7499.40/41.

Deploying this update closes these entry points. Verify your deployment rings to ensure high-priority users receive these patches first.

Feature Enhancements and Policy Updates

Beyond security, version 143 introduces functional changes that impact user experience and management capabilities. The development team has introduced several new administrative policies while deprecating outdated ones.

Operational Changes:

  • Performance Stability: The build addresses underlying bugs causing performance degradation in previous versions.
  • New Policies: Three specific computer and user settings are now available. These allow for more granular control over browser behavior within your domain.
  • Deprecated Policies: Administrators should review the release notes to identify retired policies. Relying on deprecated settings may cause configuration conflicts or reporting errors.

You can locate the specific list of added and removed policies in the MSFT Edge v142 to v143.xlsx file, available via the Microsoft Techcommunity.

Security Baseline Analysis

The Microsoft security team completed their review of Edge version 143 on December 3, 2025. Their analysis yielded a significant conclusion for system architects: no new security settings are required.

The existing baseline, established for Microsoft Edge version 139, remains the recommended configuration.

Implications for Administrators:

  1. Reduced Workload: You do not need to import a new GPO baseline for version 143.
  2. Continuity: Current security configurations remain valid and effective.
  3. Tool Availability: If you require a fresh download, the version 139 baseline is available within the Microsoft Security Compliance Toolkit.

Recommended Action Plan

Advisors recommend the following workflow to ensure compliance and stability:

  1. Patch Management: Approve and push Edge version 143.0.3650.66 immediately to mitigate the 14 identified vulnerabilities.
  2. Policy Audit: Download the policy comparison spreadsheet to verify if your organization relies on any newly deprecated settings.
  3. Baseline Verification: Confirm your group policy objects currently reflect the version 139 Security Baseline. No further baseline migration is necessary for this cycle.