From zdnet.com
The lead of Microsoft Edge Vulnerability Research Johnathan Norman has detailed an experiment in Edge that disabled the JavaScript just-in-time (JIT) compiler to enable some extra security protections.
Describing JIT compiling as a “remarkably complex process that very few people understand and it has a small margin for error”, Norman pointed out that half of all vulnerabilities for the V8 JavaScript engine was related to the process.
With the JIT engine turned off, it was possible for Edge to turn on protections — such as the hardware-based Control-flow Enforcement Technology (CET) from Intel, and Windows’ Arbitrary Code Guard (ACG) and Control Flow Guard (CFG) — that were previously incompatible with JIT.