
Microsoft revamps Internet Explorer Mode in Edge after August attacks


Microsoft updated Edge’s Internet Explorer mode after August 2025 reports that attackers exploited it to access users’ devices without authorization.

Microsoft updated Edge’s Internet Explorer mode after reports in August 2025 that threat actors exploited the backward compatibility feature to gain unauthorized device access.

Microsoft Edge’s IE mode lets organizations run legacy Internet Explorer 11 sites and apps within a modern browser, simplifying access to old and new web applications.

In August 2025, attackers exploited Edge’s IE mode using social engineering and unpatched IE Chakra vulnerabilities.

Microsoft did not disclose technical details about the attacks or the identity of the threat actor behind them.

The attackers tricked users into reloading pages in IE mode, gained remote code execution, and escalated privileges, after which they could install malware, move laterally, or steal sensitive data.

“In August 2025, the Edge security team received credible intelligence that threat actors were leveraging basic social engineering techniques alongside unpatched (0-day) exploits in Internet Explorer’s JavaScript engine (Chakra) to gain access to victim devices. The attacker would first convince the victim to navigate to an official-looking spoofed website, then use a flyout on the page to request the user to reload the page in Internet Explorer mode.” reads the advisory published by Microsoft. “The attackers would then leverage a Chakra (IE’s JavaScript engine) exploit to gain remote code execution. Finally, the attackers would use a second exploit to elevate their privileges out of the browser to gain full control of the victim’s device.”

To mitigate the issue after the active exploitation of IE mode, Edge removed the easy-access buttons for non-commercial users. IE mode now has to be enabled explicitly, site by site, via Settings > Default Browser, which improves security while maintaining compatibility.


“Microsoft Edge continues to evolve, balancing the need for legacy support with robust, modern security. By restricting casual access to IE mode, the Edge browser security team is reducing the risk of exploitation while providing a clear, auditable pathway for genuine business requirements.” concludes the advisory.


Pierluigi Paganini

(SecurityAffairs – hacking, Internet Explorer mode)