For mission critical enterprise web apps you can always use the Citrix option. Run an obsolete, tested browser on an intranet server and let employees access it from their desktops (looks just like a local browser but runs remotely). Lock down the network access from that Citrix server to only authorized web apps to eliminate the security risk from unpatched security holes.

Then you can keep the main desktop browsers up to date without worrying about frequent regression testing.