Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft Edge IE mode access tightening

Advisory/Mitigation
First reported
Last updated
Happening score
H score 34
2 unique sources, 2 articles

Summary

Hide ▲

Microsoft tightened access to IE mode in Edge after credible reports of active exploitation showed attackers abusing the legacy feature to gain unauthorized access. The change matters because the feature had been used as part of an attack chain that led to remote code execution, privilege escalation, and post-exploitation activity. Users who still need legacy compatibility must now enable IE mode case by case in Edge settings and add approved sites to the IE mode list.

Related Happenings

Browser-layer visibility guidance for browser-native threats

Defensive Guidance
H score22 First: 05.06.2026 17:00 Last: 05.06.2026 17:00 Sources 1

About this happening: **Security teams** are being pushed to treat **browser sessions** as the primary detection surface for **phishing**, **credential theft**, and **ClickFix**. **Browser-native attac...

Microsoft Edge stops loading saved passwords into cleartext memory at startup

Security Tool/Service
H score10 First: 15.05.2026 17:49 Last: 15.05.2026 17:49 Sources 1

About this happening: **Microsoft Edge** is changing its built-in password manager so **saved passwords** are no longer loaded into **process memory in clear text** at startup, reducing the risk of loc...

CISA orders FCEB remediation for CVE-2025-60710

Public Sector Action
H score34 First: 15.04.2026 17:51 Last: 15.04.2026 17:51 Sources 1

About this happening: CISA added **CVE-2025-60710** to its **actively exploited** catalog and gave **FCEB agencies** **two weeks** to secure systems under **BOD 22-01**. The move targets a **Windows Ta...

Microsoft April 2026 Patch Tuesday security update (165 CVEs)

Security Patch Release
H score62 First: 15.04.2026 00:22 Last: 15.04.2026 00:22 Sources 1

About this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...

Microsoft Windows 11 KB5079473 Microsoft account sign-in disruption

Service Disruption
H score0 First: 20.03.2026 09:33 Last: 20.03.2026 09:33 Sources 1

About this happening: **Microsoft**'s **Windows 11 KB5079473** update is disrupting **Microsoft account sign-ins** across multiple apps, creating false **no-internet** errors and blocking normal access...

Latest development: 23.03.2026 10:04

Microsoft started rolling out the KB5085516 optional out-of-band update to fix the Microsoft account sign-in bug that appears after KB5079473 on Windows 11 25H2 and 24H2. The update addresses the false no-internet sign-in failure affecting Microsoft Teams, OneDrive, Microsoft Edge, Microsoft 365 Copilot, Excel, and Word, and it is available through Windows Update or the Microsoft Update Catalog.

Timeline

  1. 13.10.2025 12:54 3 articles · 8mo ago

    Microsoft tightens Edge IE mode access after abuse reports

    Mitigation Patch Update

    Microsoft removed the dedicated toolbar button, context menu, and hamburger menu items for Internet Explorer mode in Edge, and now requires users to enable legacy mode case by case in Edge settings and add specific sites to the Internet Explorer mode pages list after credible reports in August 2025 that unknown threat actors used social engineering and unpatched (0-day) Chakra exploits to gain unauthorized access, achieve remote code execution, and elevate privileges on victim devices.

    Show sources