I ran across a couple of local programs that access a copy of “msedgewebview2” runtime to gain access to the net. One of them uses a version stored in the “C:\Program Files (x86)\Microsoft\EdgeWebView” path, but the other program has it’s own copy in its application folder under Program Files at “C:\Program Files\SINE Player\BrowserRuntime”. Both are signed by Microsoft, but are different versions.
I did some checking, and this executable is NOT the MS Edge browser itself, but rather is a runtime method for a web aware application to connect to the network. So it apparently is a Microsoft method for a 3rd party application to be web enabled internally, for example so it can access a proprietary in-app store. I contacted the tech support for one application, and they confirmed that’s how it is supposed to work.
I had to set firewall policies to block each of them (as I am not comfy with a program getting net access using this method), but that did not affect the MS Edge browser itself, which is a good thing… Edge has its own executable and firewall policy (allowed here).
With WebView2, you can embed web code in different parts of your native app, or build all of the native app within a single WebView instance.
I have been watching this issue for some time as it causes mayhem with Edge View and Creative Cloud updates and is an almost daily royal pain as I want to use Ask To Connect at all times so being able to white list by executable name (path is not going to help as these things run out of TEMP) would be gold.
My license comes up for renewal shortly and I am seriously thinking about letting it lapse which would be disappointing as Glasswire is a fantastic in all other regards but as a responsible adult I need some way of whitelisting those processes so they can run but are monitored. On one newer Windows 10 Adobe Creative Cloud PC in particular needs Glasswire to be completely deactivated and closed to proceed but not on my Windows 10 laptop which is strange and probably a policy issue; that said, having to go through this every few days is a real time bandit. How about a class of notification for white-listed executables so it is a visible alert but not a show stopper. Thanks.