Microsoft Edge IE mode access tightening
Advisory/Mitigation
Summary
Hide ▲
Show ▼
Microsoft tightened access to IE mode in Edge after credible reports of active exploitation showed attackers abusing the legacy feature to gain unauthorized access. The change matters because the feature had been used as part of an attack chain that led to remote code execution, privilege escalation, and post-exploitation activity. Users who still need legacy compatibility must now enable IE mode case by case in Edge settings and add approved sites to the IE mode list.
Related Happenings
Microsoft Edge stops loading saved passwords into cleartext memory at startup
Security Tool/Service
First: 15.05.2026 17:49
Last: 15.05.2026 17:49
Sources 1
About this happening:
**Microsoft Edge** is changing its built-in password manager so **saved passwords** are no longer loaded into **process memory in clear text** at startup, reducing the risk of loc...
Microsoft Edge stops loading saved passwords into cleartext memory at startup
Security Tool/ServiceAbout this happening: **Microsoft Edge** is changing its built-in password manager so **saved passwords** are no longer loaded into **process memory in clear text** at startup, reducing the risk of loc...
CISA orders FCEB remediation for CVE-2025-60710
Public Sector Action
First: 15.04.2026 17:51
Last: 15.04.2026 17:51
Sources 1
About this happening:
CISA added **CVE-2025-60710** to its **actively exploited** catalog and gave **FCEB agencies** **two weeks** to secure systems under **BOD 22-01**. The move targets a **Windows Ta...
CISA orders FCEB remediation for CVE-2025-60710
Public Sector ActionAbout this happening: CISA added **CVE-2025-60710** to its **actively exploited** catalog and gave **FCEB agencies** **two weeks** to secure systems under **BOD 22-01**. The move targets a **Windows Ta...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch Release
First: 15.04.2026 00:22
Last: 15.04.2026 00:22
Sources 1
About this happening:
**Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch ReleaseAbout this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Microsoft Windows 11 KB5079473 Microsoft account sign-in disruption
Service Disruption
First: 20.03.2026 09:33
Last: 20.03.2026 09:33
Sources 1
About this happening:
**Microsoft**'s **Windows 11 KB5079473** update is disrupting **Microsoft account sign-ins** across multiple apps, creating false **no-internet** errors and blocking normal access...
Microsoft Windows 11 KB5079473 Microsoft account sign-in disruption
Service DisruptionAbout this happening: **Microsoft**'s **Windows 11 KB5079473** update is disrupting **Microsoft account sign-ins** across multiple apps, creating false **no-internet** errors and blocking normal access...
Latest development: 23.03.2026 10:04
Microsoft started rolling out the KB5085516 optional out-of-band update to fix the Microsoft account sign-in bug that appears after KB5079473 on Windows 11 25H2 and 24H2. The update addresses the false no-internet sign-in failure affecting Microsoft Teams, OneDrive, Microsoft Edge, Microsoft 365 Copilot, Excel, and Word, and it is available through Windows Update or the Microsoft Update Catalog.
Windows Autopatch enables hotpatch security updates by default for eligible devices
Security Tool/Service
First: 11.03.2026 11:15
Last: 11.03.2026 11:15
Sources 1
About this happening:
Microsoft is changing **Windows Autopatch** to enable **hotpatch security updates** by default, speeding security-fix rollout for eligible devices and reducing restart-related del...
Windows Autopatch enables hotpatch security updates by default for eligible devices
Security Tool/ServiceAbout this happening: Microsoft is changing **Windows Autopatch** to enable **hotpatch security updates** by default, speeding security-fix rollout for eligible devices and reducing restart-related del...
Timeline
-
13.10.2025 12:54 3 articles · 7mo ago
Microsoft tightens Edge IE mode access after abuse reports
Mitigation Patch UpdateMicrosoft removed the dedicated toolbar button, context menu, and hamburger menu items for Internet Explorer mode in Edge, and now requires users to enable legacy mode case by case in Edge settings and add specific sites to the Internet Explorer mode pages list after credible reports in August 2025 that unknown threat actors used social engineering and unpatched (0-day) Chakra exploits to gain unauthorized access, achieve remote code execution, and elevate privileges on victim devices.
Show sources
- Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor — thehackernews.com — 13.10.2025 12:54
- Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor — thehackernews.com — 13.10.2025 12:54
- Microsoft restricts IE mode access in Edge after zero-day attacks — www.bleepingcomputer.com — 14.10.2025 00:51