Original publish date: November 4, 2025
KB ID: 5071357
Overview
Starting with the latest updates to Windows, Microsoft Defender SmartScreen has been deprecated in Internet Explorer and Internet Explorer (IE) Mode on Windows 11. This change was made as part of our ongoing efforts to modernize security across Windows and Microsoft Edge, while phasing out legacy components that are no longer aligned with current security standards.
SmartScreen continues to function in Microsoft Edge, Windows Shell, and other supported environments, but is no longer active within Internet Explorer or IE Mode scenarios on Windows 11. SmartScreen continues to function inside Internet Explorer and IEMode on older versions of Windows.
What is SmartScreen?
Microsoft Defender SmartScreen is a security feature designed to help protect users against phishing, malware, and other socially engineered attacks.
It operates in several ways:
-
Website protection: Checks visited URLs against a continuously updated list of reported phishing and malware sites.
-
Application reputation: Evaluates downloaded files to determine if they are potentially unsafe.
-
File protection: When a file is downloaded and tagged with a Mark-of-the-Web (MotW), SmartScreen in Windows Shell scans it when opened.
Why SmartScreen is being deprecated in Internet Explorer
Internet Explorer (IE) has been deprecated and is not supported as a standalone browser on Windows 11. Attempts to launch IE directly on Windows 11 will automatically redirect to Microsoft Edge.
The only supported scenario where Internet Explorer code operates on Windows 11 is through IE Mode in Microsoft Edge — a compatibility feature that allows enterprises to run legacy web applications that depend on legacy IE technologies.
The SmartScreen deprecation in IE and IE Mode was made for the following reasons:
-
Limited intended use IE Mode is designed exclusively for enterprise-configured, trusted intranet sites, not for browsing untrusted sites on the Internet.
-
Redundancy in protected environments: Since enterprise admins explicitly define the list of trusted sites allowed in IE Mode, SmartScreen’s anti-phishing functionality becomes redundant.
-
Removal of legacy SmartScreen components: The SmartScreen infrastructure in IE depended on legacy binary components that were removed as part of the broader modernization effort. Retaining SmartScreen in IE after these removals would have caused instability and inconsistent behavior.
-
Modern protection elsewhere: Files downloaded from IE and IE Mode are still protected through Mark-of-the-Web (MotW) tagging. When these files are opened later via Windows Explorer, SmartScreen in the Windows Shell continues to evaluate them for potential risks, similar to files downloaded from Microsoft Edge or Google Chrome. SmartScreen in the Windows Shell is controlled by the “Check apps and files” option in the Windows Security app.
Security Considerations
Internet Explorer and IE Mode should never be used for untrusted or public Internet sites. These legacy technologies expose a large attack surface and lack modern browser security features such as site isolation, robust sandboxing, and other mitigations available in Microsoft Edge.
While SmartScreen has been removed from IE and IE Mode, several layers of defense remain in place:
-
Mark-of-the-Web (MotW): Files downloaded through IE/IE Mode are still tagged, ensuring SmartScreen scans them upon opening via Windows Shell.
-
Enterprise isolation: IE Mode runs only on enterprise-managed, trusted internal sites.
-
Windows Defender and Microsoft Defender for Endpoint: Continue providing comprehensive protection against malware and other threats at the system level.
Recommended Actions for Administrators
For enterprise administrators or customers encountering issues related to SmartScreen disablement, Microsoft recommends the following:
-
Disable SmartScreen in IE Mode (if not already disabled) through Internet Options: Click Start, type internet options in the Search box and then click Internet Options. Go to the Security tab, select Trusted Sites, and then select Custom Level.Under Use Windows Defender SmartScreen, select Disable and then click OK.
-
Ensure IE Mode site lists include only trusted, internal enterprise applications.
-
Encourage users to access external or Internet-facing content using Microsoft Edge.
Frequently Asked Questions (FAQ)
No. SmartScreen remains fully active and supported in Microsoft Edge, Windows Shell, and other Windows experiences.
Yes. Files downloaded in IE or IE Mode continue to receive Mark-of-the-Web tagging. When opened, SmartScreen in the Windows Shell automatically scans them before execution.
While this article provides transparency for enterprise IT administrators, IE Mode should not be used to browse untrusted sites on the public Internet. Microsoft continues to recommend updating legacy web applications for compatibility with modern browsers.
No. The SmartScreen functionality in Internet Explorer and IE Mode has been permanently deprecated. Microsoft Defender SmartScreen continues to evolve for modern environments like Edge and Windows Shell.
More information
The removal of SmartScreen from Internet Explorer and IE Mode aligns with Microsoft’s broader security and modernization strategy.
Internet Explorer is a deprecated browser with significant legacy attack surface, and SmartScreen was redundant for its intended, limited-use scenario in IE Mode.
Administrators should ensure IE Mode is only used for trusted internal applications and continue leveraging modern browsers like Microsoft Edge for all other scenarios.
References
Third-party information disclaimer
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. We make no warranty, implied or otherwise, about the performance or reliability of these products.
We provide third-party contact information to help you find technical support. This contact information may change without notice. We do not guarantee the accuracy of this third-party contact information.
