
Microsoft has issued a warning regarding hackers exploiting unpatched Internet Explorer vulnerabilities through "IE Mode" within its Edge browser, enabling remote access and data theft via social engineering tactics. Attackers are leveraging this legacy mode, retained for older website compatibility, to achieve remote code execution and privilege escalation, bypassing Edge's security safeguards. In response, Microsoft is implementing stricter activation controls for non-commercial users by removing easy access points to IE Mode, aiming to make its use more intentional; however, these measures are a hindrance rather than a complete fix and do not apply to commercial users, with the company ultimately advising users to abandon the outdated Internet Explorer for enhanced security.
Microsoft (MSFT) has issued a warning regarding active exploitation of unpatched Internet Explorer vulnerabilities through its "IE Mode" within the Edge browser. Hackers are leveraging social engineering to trick users into activating this legacy mode, enabling remote code execution via Chakra engine exploits and privilege escalation to gain full control of devices, bypassing Edge's security safeguards. This allows for malware installation, network spying, and data theft, posing a significant cybersecurity risk.

In response, Microsoft is implementing stricter activation controls for non-commercial users by removing high-risk entry points like dedicated toolbar buttons and context menus for IE Mode. The goal is to make the decision to load web content using legacy technology "significantly more intentional." However, Microsoft acknowledges these measures are "not a patch, merely a hindrance," and notably, "no changes were made to the logic for commercial users to enable IE mode through enterprise policies."

The continued vulnerability of IE Mode highlights the challenges of maintaining backward compatibility while ensuring modern security. While Microsoft is attempting to mitigate risks for non-commercial users, the lack of a full patch and unchanged policies for commercial users suggest ongoing exposure. The company's ultimate recommendation for users to abandon Internet Explorer underscores the inherent security risks associated with outdated web technologies.