Microsoft announced that it revamped the Internet Explorer (IE) mode in its Edge browser after receiving “credible reports” in August 2025 that unknown threat actors were abusing the backward compatibility feature to gain unauthorized access to users’ devices.
According to the Microsoft Browser Vulnerability Research team, “Threat actors were leveraging basic social engineering techniques alongside unpatched (0-day) exploits in Internet Explorer’s JavaScript engine (Chakra) to gain access to victim devices,” as detailed in a report published last week.
In its investigation, the Windows maker revealed that the attackers tricked unsuspecting users into visiting a seemingly legitimate website. Then, they used a flyout on the page to instruct victims to reload the page in IE mode.
Once victims reloaded the page, the attackers exploited an unspecified flaw in the Chakra engine to achieve remote code execution. After that, they used a second exploit to escalate privileges beyond the browser, ultimately taking full control of the compromised device.
This activity raises serious concerns because it undermines modern defenses built into Chromium and Microsoft Edge. By launching Edge in a less secure state through Internet Explorer, the attackers bypassed core protections and executed several post-exploitation actions, including malware deployment, lateral movement, and data exfiltration.
Microsoft did not reveal details about the specific vulnerabilities, the identity of the attackers, or the scale of the campaign.
Is IE mode disabled forever?
IE mode itself remains available; however, in response to confirmed evidence of active exploitation and the risks associated with the feature, the company removed the dedicated toolbar button, the context menu entry, and the hamburger menu item that previously offered it.
Now, users who want to enable IE mode must do so manually and on a case-by-case basis through the Edge browser settings:
- Navigate to Settings > Default Browser.
- Locate the option labeled Allow sites to be reloaded in Internet Explorer mode and set it to Allow.
- After enabling this setting, add the specific site(s) requiring IE compatibility to the Internet Explorer mode pages list.
- Reload the site.
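The steps above describe the per-user opt-in through the Edge settings UI. On managed Windows fleets an administrator usually wants to know how IE mode is configured by policy across endpoints rather than clicking through each browser. The following PowerShell script is an added example for that audit; it is not code from the article or from Microsoft. It assumes that Edge policies are stored under HKLM:\SOFTWARE\Policies\Microsoft\Edge (machine scope) and HKCU:\SOFTWARE\Policies\Microsoft\Edge (user scope), and that the policy value names InternetExplorerIntegrationLevel, InternetExplorerIntegrationReloadInIEModeAllowed and InternetExplorerIntegrationSiteList govern IE mode; the function names and the severity labels are the example's own.

```powershell
function Get-EdgeIEModePolicy {
    [CmdletBinding()]
    param()

    # Added audit helper (not from the article). Registry locations and value names are
    # assumptions about how Edge IE mode is managed via Group Policy / registry.
    $scopes = @{
        Machine = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'
        User    = 'HKCU:\SOFTWARE\Policies\Microsoft\Edge'
    }
    $names = @(
        'InternetExplorerIntegrationLevel',                 # assumed: 0 = None, 1 = IEMode, 2 = NeedIE
        'InternetExplorerIntegrationReloadInIEModeAllowed', # assumed: 1 = users may reload any site in IE mode
        'InternetExplorerIntegrationSiteList'               # assumed: URL of the enterprise site list XML
    )

    foreach ($scope in $scopes.Keys) {
        $path  = $scopes[$scope]
        $props = if (Test-Path $path) { Get-ItemProperty -Path $path } else { $null }
        foreach ($name in $names) {
            # Missing value -> $null, so "not configured" is distinguishable from "set to 0"
            $value = if ($props) { $props.$name } else { $null }
            [pscustomobject]@{
                Scope  = $scope
                Policy = $name
                Value  = $value
            }
        }
    }
}

function Test-EdgeIEModeExposure {
    param([object[]] $Policies = (Get-EdgeIEModePolicy))

    # Machine policy takes precedence over user policy: keep the first non-null value per name.
    $effective = @{}
    $ordered = $Policies | Sort-Object { if ($_.Scope -eq 'Machine') { 0 } else { 1 } }
    foreach ($p in $ordered) {
        if ($null -ne $p.Value -and -not $effective.ContainsKey($p.Policy)) {
            $effective[$p.Policy] = $p.Value
        }
    }

    $level    = $effective['InternetExplorerIntegrationLevel']
    $reload   = $effective['InternetExplorerIntegrationReloadInIEModeAllowed']
    $siteList = $effective['InternetExplorerIntegrationSiteList']

    $findings = New-Object System.Collections.Generic.List[string]

    if ($null -eq $level -and $null -eq $reload -and $null -eq $siteList) {
        $findings.Add('No IE mode policy set: behaviour is controlled per user in Edge settings.')
    }
    if ($level -eq 0) {
        $findings.Add('IE mode disabled by policy (InternetExplorerIntegrationLevel = 0).')
    }
    if ($reload -eq 1) {
        # This is the blanket "reload in IE mode" capability the article says was abused.
        $findings.Add('HIGH: users may reload arbitrary sites in IE mode (ReloadInIEModeAllowed = 1).')
    }
    if ($level -ge 1 -and [string]::IsNullOrEmpty($siteList)) {
        $findings.Add('MEDIUM: IE mode enabled without an enterprise site list; restrict it to vetted sites.')
    }
    if ($level -ge 1 -and -not [string]::IsNullOrEmpty($siteList)) {
        $findings.Add("IE mode restricted to enterprise site list: $siteList")
    }

    [pscustomobject]@{
        IntegrationLevel = $level
        ReloadAllowed    = $reload
        SiteList         = $siteList
        Findings         = $findings.ToArray()
    }
}

# Usage (run in an elevated session to read HKLM reliably):
# Test-EdgeIEModeExposure | Format-List
```

The script separates "policy not configured" from "policy set to 0" so that a fleet-wide report can tell hosts left to the user-controlled default (the behaviour the article describes) apart from hosts where an administrator has explicitly disabled or scoped IE mode. Run it through your endpoint management tool and treat any HIGH finding as a host where the reload-in-IE-mode path is still broadly available.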
Microsoft emphasized that these tighter restrictions help balance the need for security with the demand for legacy support.
“This approach ensures that the decision to load web content using legacy technology is significantly more intentional,” Microsoft explained. “The additional steps required to add a site to a site list are a significant barrier for even the most determined attackers to overcome.”
Source: TheHackerNews