Microsoft Edge Will Block Malicious Third-Party Extensions

Microsoft has announced a new security feature for its Edge browser that will block malicious extensions installed outside the official store.

Sideloading: A Security Loophole

In Edge, developers can install extensions locally—known as sideloading—to test them before submitting to the official Microsoft Edge Add-ons store. This requires enabling Developer mode on the extensions management page and using the Load unpacked option.
While intended for developers, regular users can also sideload extensions. This opens the door to third-party extensions that have not been reviewed or vetted for malicious behavior.
Microsoft notes that attackers have repeatedly exploited this loophole in recent years, tricking users into installing harmful extensions—sometimes impacting hundreds of thousands of people. Even if a user later removes such an extension, the damage may already be done.
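
For defenders who want to know which extensions in a profile were sideloaded, the following added example (not from Microsoft or the original article, and unrelated to the undisclosed detection logic Edge will use) inventories them from a profile's preference files. It assumes Edge keeps Chromium's profile layout: extension records under `extensions.settings` in `Preferences` / `Secure Preferences`, with install location code 4 for Load unpacked and 8 for command-line loading. The sample data is constructed.

```python
import json
from pathlib import Path

# Chromium install-location codes (assumption: Edge reuses Chromium's values).
SIDELOADED = {4: "unpacked (Load unpacked)", 8: "command line"}

# Constructed sample of the relevant part of a profile preferences file.
SAMPLE_PREFS = {"extensions": {"settings": {
    "a" * 32: {"location": 1, "manifest": {"name": "Store add-on"}},
    "b" * 32: {"location": 4, "path": "C:\\Users\\demo\\Downloads\\helper"},
}}}

def sideloaded_extensions(prefs: dict) -> list[dict]:
    """Return extension records whose install location is outside the store."""
    settings = prefs.get("extensions", {}).get("settings", {})
    found = []
    for ext_id, entry in settings.items():
        if not isinstance(entry, dict) or entry.get("location") not in SIDELOADED:
            continue
        # Unpacked extensions often have no cached manifest in the prefs file.
        manifest = entry.get("manifest") or {}
        found.append({
            "id": ext_id,
            "location": SIDELOADED[entry["location"]],
            "path": entry.get("path", ""),
            "name": manifest.get("name", "(manifest not cached)"),
        })
    return sorted(found, key=lambda e: e["id"])

def scan_profile(profile_dir: Path) -> list[dict]:
    """Merge findings from both preference files of one profile directory."""
    merged = {}
    for name in ("Preferences", "Secure Preferences"):
        try:
            prefs = json.loads((profile_dir / name).read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # missing, unreadable or corrupt file: skip it
        for ext in sideloaded_extensions(prefs):
            merged[ext["id"]] = ext
    return [merged[k] for k in sorted(merged)]

if __name__ == "__main__":
    # On Windows a profile is typically under
    # %LOCALAPPDATA%\Microsoft\Edge\User Data\Default; pass it to scan_profile().
    for ext in sideloaded_extensions(SAMPLE_PREFS):
        print(ext["id"], ext["location"], ext["path"], sep=" | ")
```

Any hit on a non-developer machine is worth a look at the directory named in `path`, since that is where the unpacked extension's files live.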

The Upcoming Protection

Microsoft Edge will soon gain the ability to “detect and revoke malicious sideloaded extensions.” Details on how the browser will identify dangerous extensions have not yet been disclosed, but the feature is expected to roll out in November 2025 across multi-tenant instances worldwide.

Strengthening the Extension Ecosystem

This update follows a series of recent security improvements for Edge’s extension environment. Microsoft has:
- Introduced a Publish API to simplify and secure extension publishing for developers.
- Implemented additional checks for developer accounts and the update process.
- Begun testing performance warnings that notify users about extensions slowing down Edge.

Why This Matters

Browser extensions remain a popular attack vector because they operate with broad permissions. By tightening security around sideloading, Microsoft is aiming to reduce one of the most common ways attackers bypass official review processes.