Microsoft Limits IE Mode in Edge Following Zero-Day Exploits

Microsoft is imposing new restrictions on the Internet Explorer (IE) mode within its Edge browser after discovering active zero-day exploits. Attackers were using social engineering to direct users to a spoofed website that prompted them to switch to IE mode. Once IE mode was active, the attackers exploited an unpatched vulnerability in the legacy Chakra JavaScript engine to achieve remote code execution.

The exploit chain involved a second flaw that allowed privilege escalation and a full device takeover. In response, Microsoft has disabled easy-access methods like the toolbar button and context menu for activating IE mode. Users must now manually configure specific websites for IE mode through the browser's settings.

This change is designed to ensure that using IE mode is a deliberate action, making it harder for attackers to succeed. The restrictions do not apply to enterprise environments managed by group policies. Microsoft reiterates that organizations should migrate from legacy IE technologies to modern, more secure web platforms.
