Page 1 of 1

Is using Microsoft Edge Webview 2 Runtime safe at all?

Posted: Tue Oct 26, 2021 5:34 am
by BjarneB
Just got an update, and during that the Microsoft Edge Webview 2 Runtime was automatically downloaded and installed. I am using Viscosity to hide from Big Tech's, and remembering the attitude of Micro$oft from the past I'm somewhat concerened that M$ keep a kind of key to enter through a backdoor, or give that key to someone I definitively do not trust at all.
What does the Microsoft Edge Webview 2 Runtime really do, and will Viscosity still be functional if I uninstall it seperately? I'm runnnig the Win10 64bit OS and wanna keep it that way way past 2025 which is the end of Win10 support.
Looking forward to an answer.
Cheers
Bjarne 8-)

Re: Is using Microsoft Edge Webview 2 Runtime safe at all?

Posted: Tue Oct 26, 2021 12:27 pm
by Eric
Hi Bjarne,

The Edge Webview2 Runtime is used by Viscosity where webauth is required for new features in the 1.10 update like SSO/SAML authentication and 2FA onboarding. Other than this, it is not used.

In our view, yes it is safe. If you do use these features, a separate web environment (for things like cookies, cache, etc) is created in your %appdata%\Viscosity folder. It is based on chromium's version of the same APIs, all Microsoft have done so far is strip it back to share common code with Microsoft Edge to reduce the size of the runtime.

The Webview2 Runtime is built into Windows 11, and actually can't be removed from Windows 11, so is only required to be installed on Windows 10 machines.

As for is it safe to uninstall, yes. If you try to connect to a server that will require SSO/SAML and a webview to authenticate and you have removed the Webview2 Runtime, Viscosity will prompt you that the runtime is missing and that you will need to install it to continue.

Regards,
Eric