Use MEM to remove Internet Explorer

Internet Explorer has been around for about 25 years and was my personal favorite browser for a long time. But it is long over due that we look into how we could completely replace IE with another more manageable, stable, compatible and secure browser.

Microsoft has begun to remove IE support from some 365-services and the latest is that M365 apps no longer are supported. Note! Internet Explorer 11 desktop app is not included in Windows 11.

Internet Explorer desktop app is scheduled to be retired by 2022-june

Samsung Knox will remove IE11 support from 2021-12-31

In this post we will look into how to replace IE desktop app with Microsoft Edge by using Microsoft Endpoint Manager (MEM) and proactive remediation. This method could be used for testing and evaluation purposes.

Windows 10OK
Windows 11IE 11 Desktop app is not included in Windows 11

Manually remove Internet Explorer desktop app

Let’s start off by using PowerShell to manually identify and uninstall IE 11 on a Windows 10-device.

  1. Start PowerShell as admin
  2. To identify installation state run: Get-WindowsCapability -Online -Name Browser.InternetExplorer~~~~
  3. To remove IE 11 run: Remove-WindowsCapability -Online -Name Browser.InternetExplorer~~~~
  4. Run Get-WindowsCapability -Online -Name Browser.InternetExplorer~~~~ again to make sure it was successfully uninstalled.
  5. Note that a reboot is required for the removal to complete.
  6. Reinstall IE11 if needed: Add-WindowsCapability -Online -Name Browser.InternetExplorer~~~~

Automatically remove by using MEM and Proactive Remediation

Now let’s have a look at how we could utilize MEM and proactive remediation to automatically remove IE. We will start off by creating an exclusion group to exclude any device with reasons to keep IE11.

  1. Open MEM
  2. Click: Groups -> New Group
  3. Group type: Security
  4. Group name: MDM – IE11 Removal – Excluded (you may chose any name you like)
  5. Description: Add devices to this AAD-group to exclude them from automatic IE11 removal (you make chose any description you like)
  6. Membership type: Assigned
  7. Use this group to exclude devices that should keep IE11

Now let’s set up proactive remediation

  1. Download the IE11 removal detection and remediation script from my GitHub:
  2. Open MEM (if it is not already open):
  3. Click: Reports -> Endpoint analytics -> Proactive remediations
  4. Click: +Create script package
  5. Name: W10 – IE11 Removal (you may chose any name you like)
  6. Click: Next
  7. Detection script file: Upload IE11 Removal – Detection.ps1
  8. Remediation script: Upload IE11 Removal – Remediation.ps1
  9. Click: Next twice
  10. Included groups: Pick a group as per your need. I will use a dynamic group including all Windows 10-devices
  11. Click the three dots (…) next to the assignment
  12. Click: Edit
  13. For testing purposes set the schedule to run once
  14. Click: Apply
  15. Excluded groups: MDM – IE11 Removal – Excluded
  16. Click: Next
  17. Click: Create
  18. That it! Internet Explorer desktop app has been successfully removed

Before / After

Optional: Use MEM to install Microsoft Edge

Microsoft Edge is included in new versions of Windows 10, but if we for some reason are running on an old version of Windows 10 these steps are needed to use MEM to install Edge.

  1. Open MEM
  2. Click: Apps -> Windows
  3. Click: +Add
  4. App type: Microsoft Edge, version 77 and later
  5. Click: Select
  6. Change settings as per your need
  7. Click: Next
  8. Channel: Stable
  9. Language: As per your need
  10. Click: Next
  11. Assign the app to all Windows 10-devices
  12. Click: Next
  13. Click: Create

Great! We have now successfully removed Internet Explorer desktop app and installed Microsoft Edge!

Good job 😍

//Nicklas Ahlberg

2 thoughts on “Use MEM to remove Internet Explorer

  1. where are the scripts
    do iust create the .ps1 with the commands in step 1 and 3

Leave a Reply

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.