Microsoft Locks Down IE Mode After Hackers Exploited Legacy Feature
Microsoft restricts IE Mode in Edge after threat actors exploited Chakra engine flaws for remote access.
Microsoft received "credible reports" in August 2025 that unknown threat actors were abusing the backward compatibility feature to gain unauthorized access to users' devices.
Threat actors were leveraging basic social engineering techniques alongside unpatched (0-day) exploits in Internet Explorer's JavaScript engine (Chakra) to gain access to victim devices
In the attack chain, threat actors tricked users into visiting a seemingly legitimate website, then employed a flyout to instruct them to reload the page in IE mode.
Microsoft has revamped the Internet Explorer (IE) mode in its Edge browser to prevent such exploits.
Author's summary: Microsoft restricts IE mode due to hacking concerns.
- Exploited Chakra engine flaws for remote access
- Used social engineering and unpatched exploits
- Tricked users into reloading pages in IE mode