If the $1,000,000 specialist machine you absolutely rely on needs XP or 9x, which is very often the case in medical or industrial scenarios, that's not an option. What you _can_ do is use an alternative to the built-in (un-updateable) browser: although you won't be able to get the most up-to-date version of any alternative browser, it's still way better.
If that's the case, I would argue you should only use that specialized machine for specialized needs and have a more modern system for regular internet usage. Firewall the specialized hardware from any non-whitelisted sites / network addresses with extreme prejudice. Why risk a million dollar system to open a funny email with cat pictures, oh no its a virus.
Your highly important specialist machine is probably remotely exploitable for as much damage as replacement cost if it also needs a web browser and an internet connection.
Also a browser that is years behind current has a trail of breadcrumbs in terms of fixed bugs for newer versions. It is probably nearly as bad as the built-in option.
> Your highly important specialist machine is probably remotely exploitable for as much damage as replacement cost if it also needs a web browser and an internet connection.
Correct. Those versions of Windows will not bet getting any crucial or critical updates.
You're better off trying to see if ReactOS / FreeDOS will run the damn thing.
The only reason for continued IE11 support is because it shipped with Window 10 and they guaranteed that core software would be updated for a lot of years.