Following a security vulnerability, Microsoft has tightened access to Edge’s IE mode.
This mode remains in place to ensure compatibility with sites that still rely on outdated technologies such as Flash and ActiveX. It leverages the rendering engine of Internet Explorer 11 (Trident/MSHTML).
A Remote Code Execution in the JavaScript Engine
In August, Microsoft was alerted to a social engineering campaign combined with a zero-day vulnerability in Chakra, Internet Explorer’s JavaScript engine.
The victim was directed to a malicious site that loaded in IE mode, paving the way for remote code execution and then an elevation of privileges outside the browser.
IE mode becomes harder to enable
In this context, Microsoft decided to remove several entry points to IE mode: the one in the context menu (displayed when right-clicking on a tab or a link), the one in the hamburger menu, and the toolbar button.
Users now have to go to Edge’s settings, enable IE mode, and then add allowed sites on a case-by-case basis.
This change does not affect Edge Enterprise, where enabling IE mode is still performed via policies.