Microsoft stated it has revamped the Web Explorer (IE) mode in its Edge browser after receiving “credible experiences” in August 2025 that unknown menace actors have been abusing the backward compatibility characteristic to achieve unauthorized entry to customers’ gadgets.
“Risk actors have been leveraging fundamental social engineering methods alongside unpatched (0-day) exploits in Web Explorer’s JavaScript engine (Chakra) to achieve entry to sufferer gadgets,” the Microsoft Browser Vulnerability Analysis workforce stated in a report revealed final week.
Within the assault chain documented by the Home windows maker, the menace actors have been discovered to trick unsuspecting customers into visiting an seemingly reputable web site after which make use of a flyout on the web page to instruct them into reloading the web page in IE mode.
As soon as the web page is reloaded, the attackers are stated to have weaponized an unspecified exploit within the Chakra engine to acquire distant code execution. The an infection sequence culminates with the adversary utilizing a second exploit to raise their privileges out of the browser so as to seize full management of the sufferer’s system.
The exercise is regarding, not least as a result of it subverts fashionable defenses baked into Chromium and Microsoft Edge by launching it in a much less safe state utilizing Web Explorer, successfully permitting the menace actors to interrupt out of the confines of the browser and carry out numerous post-exploitation steps, together with malware deployment, lateral motion, and information exfiltration.
Microsoft didn’t disclose any particulars concerning the character of the vulnerabilities, the identification of the menace actor behind the assaults, and the size of the efforts.
Nevertheless, in response to proof of lively exploitation and the security danger posed by the characteristic, the corporate stated it has taken steps to take away the devoted toolbar button, context menu, and the hamburger menu objects.
Customers who want to allow IE mode will now must explicitly allow it on a case-by-case foundation by way of Edge browser settings –
- Navigate to Settings > Default Browser
- Find the choice labeled Permit websites to be reloaded in Web Explorer mode and set it to Permit
- After enabling this setting, add the precise web site(s) requiring IE compatibility to the Web Explorer mode pages checklist
- Reload the location
The Home windows maker famous that these restrictions to launching IE mode are essential to stability security and the necessity for legacy assist.
“This method ensures that the choice to load net content material utilizing legacy expertise is considerably extra intentional,” Microsoft stated. “The extra steps required so as to add a web site to a web site checklist are a big barrier for even probably the most decided attackers to beat.”
