Microsoft is preparing to roll out a new security feature in Edge that will automatically detect and revoke malicious sideloaded extensions, helping protect users from potential browser-based attacks.
Currently, Edge allows developers to sideload extensions—by enabling Developer Mode and using the Load unpacked option—primarily for testing before publishing them to the Microsoft Edge Add-ons store. However, this same process also allows unverified third-party extensions to be installed, leaving users vulnerable to malware.
While users can manually remove dangerous extensions via the Extensions management page, this often comes too late, as attackers have previously tricked people into installing malicious add-ons, affecting hundreds of thousands of users in recent years.
According to the Microsoft 365 roadmap, the new feature is scheduled to launch in November 2025 for standard multi-tenant instances worldwide. Although Microsoft has not disclosed exactly how these extensions will be flagged, the company states that Edge will automatically detect and revoke malicious sideloaded extensions.
This addition builds on Microsoft’s broader efforts to strengthen Edge browser security, which include:
- Publish API updates for safer extension developer accounts and updates.
- A performance warning system for extensions that slow down browsing.
- An AI-powered scareware blocker was introduced in February, which detects tech support scams in real time using a local ML model.
- The rollout of HTTPS-First Mode, which upgrades HTTP connections to HTTPS by default.
- Sleeping tabs auto-discarding (Edge v140, August 2025) to improve memory efficiency.
With malicious browser extensions being a recurring attack vector, Microsoft’s move to revoke harmful sideloaded add-ons could significantly improve user safety and trust in Edge.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
