Microsoft Limits IE Mode in Edge Amid Chakra Exploit Concerns

October 14, 2025
  • Microsoft has limited the IE mode feature in its Edge browser following credible reports in August 2025 that cyber threat actors exploited it to compromise users' devices, specifically through zero-day vulnerabilities targeting the Chakra JavaScript engine.

  • Hackers exploited these zero-day flaws via social engineering tactics, tricking users into reloading websites in IE mode, which then allowed attackers to take control of browsers and potentially gain full control of affected devices.

  • These flaws enabled threat actors to bypass modern security defenses, facilitating malware deployment, lateral movement within networks, and data theft.

  • Microsoft confirmed that the Chakra flaw remains unpatched and was exploited alongside a second vulnerability to escalate privileges and escape the browser, though detailed technical information has not been disclosed.

  • Although support for Internet Explorer ended in 2022, IE mode remains available in Edge for legacy compatibility, especially for business applications and government portals.

  • Microsoft has not disclosed detailed information about the vulnerabilities, the threat actors involved, or the scale of the attacks, but the incidents underscore the risks associated with legacy browser modes.

  • In response, Microsoft removed easy activation methods for IE mode, such as toolbar buttons and context menu options, requiring users to manually enable IE mode in settings for added security.

  • The new restrictions are designed to ensure IE mode activation is a deliberate user action and to restrict the list of websites that can load in IE mode, thereby reducing attack vectors.

  • Microsoft emphasized that these restrictions do not affect enterprise users, who can continue to use IE mode via enterprise policies. Support for Internet Explorer officially ended in June 2022.

  • Security experts warn that legacy modes like IE mode increase the attack surface, particularly in distributed and BYOD environments, highlighting the importance of strict controls, user education, and layered security measures.

  • While IE mode allows access to legacy websites dependent on older components like ActiveX, it introduces security vulnerabilities due to its reliance on the outdated Internet Explorer environment.

  • Microsoft encourages users to migrate from Internet Explorer to modern browsers to benefit from enhanced security, reliability, and performance.

Summary based on 2 sources



Sources


Microsoft Limits IE Mode in Edge After Chakra Zero-Day Activity Detected

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto • Oct 14, 2025
