Microsoft has decided to restrict access to Internet Explorer (IE) Mode in the Edge browser based on security reports. The company determined that this feature, designed for backward compatibility, presents multiple security risks. Under the new policy, IE Mode will be available only on centrally managed enterprise devices starting in 2026.

Critical Vulnerability in Microsoft Edge

The restriction was primarily driven by critical vulnerabilities discovered in the browser. Reports from Microsoft’s Browser Vulnerability Research team have shown that attackers can bypass modern security protections by exploiting legacy components of IE Mode. At the heart of this issue are zero-day vulnerabilities found in the legacy JavaScript engine, Chakra, from the Internet Explorer era.

Due to these security risks, Microsoft is restricting access to IE Mode to enhance enterprise security. Starting in 2026, the feature will only work on systems centrally managed by an organization.

IE Mode was previously developed to support legacy on-premises applications and ActiveX components. However, Microsoft is narrowing down the scope, citing the security risks and negative impacts on browser integrity posed by this feature.

According to Microsoft, IE Mode will only continue to work on devices registered through the Microsoft 365 admin portal or Active Directory. This change gives administrators control over which users can access IE-based content.

However, this new policy may present challenges, especially for small businesses or organizations lacking IT management. The company also announced plans to introduce new tools for migrating legacy applications to modern web technologies.