Microsoft is tightening access to Internet Explorer (IE) mode in its Edge browser following the discovery of zero-day vulnerabilities being exploited by cybercriminals. These attacks exploit the Chakra JavaScript engine to execute remote code on targeted devices. In August, Microsoft’s Edge security team identified this new threat vector, where attackers use social engineering tactics to lure users to deceptive websites. These sites prompt users to open pages in IE mode, triggering the exploit.
The attack process involves multiple stages. Initially, the zero-day vulnerability in the Chakra engine is exploited. Following this, a secondary, unspecified vulnerability is used for privilege escalation, allowing attackers to bypass the browser’s security measures and gain full control of the device. Microsoft has not disclosed the specific vulnerabilities and confirmed that the flaw in the Chakra engine is yet to be patched.
IE mode, originally retained in Edge for compatibility with older technologies like ActiveX and Flash, is now more restricted. Simple activation methods, such as toolbar buttons and menu options, have been removed to prevent accidental or malicious use. Users now need to explicitly specify permitted pages in the settings to use IE mode, making it harder for attackers to exploit this feature. These changes do not affect commercial users who configure IE mode through enterprise policies. Microsoft encourages users to transition from outdated Internet Explorer technologies to modern solutions for enhanced security and performance.
