Microsoft tightens security measures in Edge after zero-day attacks

Microsoft Tightens Access to IE Mode in Edge Following Zero-Day Attacks

Microsoft has taken swift action to limit access to Internet Explorer mode in the Edge browser after uncovering zero-day attacks exploiting vulnerabilities in the Chakra JavaScript engine. These attacks allowed threat actors to execute remote code on targeted devices.

The Edge security team, led by Gareth Evans, received intelligence indicating that hackers were using Internet Explorer mode within Edge to compromise unsuspecting users’ devices. Despite the end of support for Internet Explorer in June 2022, Microsoft Edge still offers IE mode for compatibility with legacy technologies like ActiveX and Flash, which are still in use in some business applications and government portals.

In response to the threat, Microsoft has removed easy activation methods for IE mode in Edge, such as the toolbar button and context menu. Users now need to navigate to Settings > Default Browser > Allow to specify the pages that should be loaded using Internet Explorer.

These changes aim to make activating IE mode a deliberate user action to prevent unauthorized access. By restricting the list of approved websites that can load in IE mode, Microsoft intends to thwart attackers’ compromise attempts.

Commercial users will continue to use IE mode as configured through enterprise policies, but Microsoft encourages all users to transition from legacy web technologies in Internet Explorer to modern, more secure, reliable, and performant solutions.

Join the Breach and Attack Simulation Summit

Experience the future of security validation at the Breach and Attack Simulation Summit. Discover how AI-powered BAS is revolutionizing breach and attack simulations. Secure your spot now to shape the future of your security strategy.

See also  Unofficial Patches Released for New Windows RasMan Zero-Day Vulnerability

Register Now