Microsoft has issued a security update to address a critical vulnerability in the Internet Explorer (IE) mode of its Edge browser. The update was released after security researchers and Microsoft discovered that threat actors were actively exploiting the legacy feature to gain unauthorized access to targeted systems.
The vulnerability lay in how Microsoft Edge handles legacy web applications through IE mode. The flaw allowed attackers to turn the compatibility feature into a persistent backdoor on compromised machines, effectively bypassing modern browser security protections.
Threat Actors Exploit Legacy Feature for Access
Cybercriminals created specially crafted websites that, when visited by a user in IE mode, would trigger the exploit. Successful exploitation allowed threat actors to run arbitrary code with the user’s privileges, turning a compatibility feature into a direct entry point for attackers and enabling them to deploy further malware, exfiltrate data, or establish a long-term presence on the network. The exploitation was identified in a series of targeted attacks before the patch was developed.
Microsoft’s Response: Patch and Stricter Controls
In response to the active exploitation, Microsoft released a security patch that effectively locks down the vulnerable components of IE mode. The update addresses the root cause of the vulnerability by implementing stricter handling of legacy code and blocking the method used by attackers to escape the browser’s sandbox. Microsoft has urged all users and administrators to apply the latest Edge updates immediately to protect their systems from this threat. The patch is part of Microsoft’s commitment to securing legacy components that remain integrated into its current software offerings.
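For administrators checking their own fleet after this update, the following PowerShell script is an added example (it is not from the article and not Microsoft's own tooling). It reports the installed Edge build and the Group Policy registry values that govern IE mode, so a defender can confirm that IE mode is either disabled or confined to the managed enterprise site list. The policy names are real Microsoft Edge policies; the patched build number is a placeholder parameter because the article does not name one, and the value meanings noted in comments follow the public Edge policy documentation.

```powershell
# Added example, not from the original article: audit Edge IE mode exposure on one host.
param(
    # Placeholder: set this to the patched Edge build from Microsoft's release notes.
    [version]$MinimumEdgeVersion = '0.0.0.0'
)

$policyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'
$edgeExe    = Join-Path ${env:ProgramFiles(x86)} 'Microsoft\Edge\Application\msedge.exe'

function Get-EdgePolicyValue {
    param([string]$Name)
    # Returns $null when the policy is not set (Edge then uses its default).
    $item = Get-ItemProperty -Path $policyPath -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

# 1. Installed Edge build versus the patched build supplied by the caller.
$installed = $null
if (Test-Path $edgeExe) {
    $installed = [version](Get-Item $edgeExe).VersionInfo.ProductVersion
}
$edgePatched = ($null -ne $installed) -and ($installed -ge $MinimumEdgeVersion)

# 2. IE mode policies (Edge documentation: Level 0 = IE mode not allowed,
#    1 = IE mode for sites on the enterprise site list).
$level       = Get-EdgePolicyValue 'InternetExplorerIntegrationLevel'
$siteList    = Get-EdgePolicyValue 'InternetExplorerIntegrationSiteList'
$testingMode = Get-EdgePolicyValue 'InternetExplorerIntegrationTestingAllowed'
$reloadInIE  = Get-EdgePolicyValue 'InternetExplorerIntegrationReloadInIEModeAllowed'

$findings = @()
if (-not $edgePatched) {
    $findings += 'Edge build is below the expected patched version (or Edge not found).'
}
if ($level -eq 1 -and [string]::IsNullOrEmpty($siteList)) {
    $findings += 'IE mode is enabled without a managed enterprise site list.'
}
if ($testingMode -eq 1) {
    $findings += 'IE mode testing is allowed, so users can load arbitrary sites in IE mode.'
}
if ($reloadInIE -eq 1) {
    $findings += '"Reload in IE mode" is allowed, so users can load arbitrary sites in IE mode.'
}

[pscustomobject]@{
    ComputerName        = $env:COMPUTERNAME
    EdgeVersion         = $installed
    EdgePatched         = $edgePatched
    IEModeLevel         = $level
    EnterpriseSiteList  = $siteList
    TestingAllowed      = $testingMode
    ReloadInIEAllowed   = $reloadInIE
    Findings            = $findings
}
```

Run it with the patched build number from Microsoft's release notes, for example `.\Audit-IEMode.ps1 -MinimumEdgeVersion '1xx.0.0.0'` (placeholder value), and feed the resulting object into whatever inventory or SIEM pipeline the fleet already uses. A host with an empty `Findings` list has the update installed and limits IE mode to the administrator-controlled site list, which is the configuration the article's guidance points toward.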
Source: https://thehackernews.com/2025/10/microsoft-locks-down-ie-mode-after.html