In a recent blog post, Microsoft has explained why its browser seems to generate multiple processes for a single webpage and how it's all for the good. The Windows maker said that its Chromium-based Microsoft Edge uses a multi-process architecture (similar to other modern browsers) to offer better security and resource accountability.
"Browsers today are more like operating systems than document viewers," the company's –Allison Pastewka, Program Manager at Microsoft Edge, wrote. "Users are performing an increasing number of tasks in the browser, and fewer in desktop applications."
However, every web page, web app, and extension uses memory. As a result, users are often concerned about how memory usage impacts their experience.
Pastewka explained that most modern multi-process browsers are split into different processes, that include processes for the:
- Browser (manages primary controls)
- Utility (audio playback, network service, etc)
- Plug-in processes and extension processes (active plug-ins and extensions)
- Crashpad handler process (transmits crash reports to Microsoft)
Giving an example, Microsoft said that one tab and two extensions in Microsoft Edge can result in a user seeing some nine processes in the Task Manager. All of which work in tandem to offer a seamless browsing experience.
Microsoft Edge processes for one open tab and two extensions
- A browser process for the frame of the browser
- A GPU process to help display the graphics
- A renderer process that is running the code provided by an example site
- A network service utility process to help with network requests
- An audio service utility process to help with playing audio
- A plug-in process that is running the code provided by Flash
- Two extension processes, one for each extension, that are running code
- provided by the extension
- A crashpad handler process that is monitoring the health of Microsoft Edge
One significant edge that this multi-process architecture has is enhanced security. If malware manages to control one renderer process (most likely to be attacked since it communicates with the websites), it doesn't just automatically gets access to other processes. Since this process has low privileges, the problem remains contained even if an attacker manages to exploit a vulnerability and take control.
This process isolation also makes sure that a malicious ad that might be lurking on a shopping website doesn't get access to your payment information. "Ads are put in their own process so that even if the ad is compromised, it won’t have easy access to your sensitive information," Microsoft said.
The Windows maker is planning to share more information on how Microsoft Edge works and its memory usage, giving some insight into these new-age "operating systems." For those interested, complete blog post is available over here.