February 26, 2017

Google researchers reveal another unpatched IE/Edge vulnerability

Microsoft want Windows 10 users to switch from Chrome to Edge. They've tried bribing users into switching, and bullying users into switching, but they've ended up losing so much market share that Edge not only has fewer users than Chrome, it also has fewer users than Firefox.

Well, if Microsoft are looking for advice, I have a new thing that they might want to try, which might help them attract users to their shiny new browser: they can fix the fucking thing. Because right now, it's apparently full of unpatched security vulnerabilities -- something of an embarrassment, considering that everything about Windows 10 is supposed to be the most secure ever.

From BleepingComputer:

Google has gone public with details of a second unpatched vulnerability in Microsoft products, this time in Edge and Internet Explorer, after publishing details last week about a bug in the Windows GDI (Graphics Device Interface) component.
At the time of writing, the bug remains unpatched after Microsoft canceled February's Patch Tuesday security updates, citing a "last minute issue."
[...]
The bug, discovered by Google Project Zero researcher Ivan Fratric, is tracked by the CVE-2017-0037 identifier and is a type confusion, a kind of security flaw that can allow an attacker to execute code on the affected machine, and take over a device.
Details about CVE-2017-0037 are available in Google's bug report, along with proof-of-concept code. The PoC code causes a crash of the exploited browser, but depending on the attacker's skill level, more dangerous exploits could be built.
Fratric found the bug at the end of November and disclosed it today after the 90-day deadline Google provides to affected companies had expired.

Oops.

In the past, this is the sort of issue that Microsoft would have fixed quickly, and quietly patched as soon as the patch was ready, but patches are now a once-monthly event... an arrangement which, we now know for sure, includes leaving security flaws in their products unpatched. Not exactly the way I'd go about (re)building consumer confidence in my new OS or web browser, but what do I know? I'm just a consumer.

I'll tell you what I do know, though. I know that I won't be switching to Windows 10, or to Edge, anytime soon. Sort out your shit, Microsoft.