none
Open File - Security Warning

    Question

  • I have a mapped drive letter to a file server share where I keep many utility scripts (.cmd files).
    Whenever I right-click a .cmd file and choose Edit, I'm given an "Open File - Security Warning" dialog.
    How can I disable this prompt? I'd like everything on this server to be considered as safe as the things on my local drive.
    Monday, May 14, 2007 2:58 AM

Answers

  • Thanks... but that wasn't really helpful. I spent hours poking at "Open File Security Warning" Google results before posting here; they were all about XPsp2. Adding the server to the Trusted sites zone is NOT SUFFICIENT in Vista; Vista's default security level for Trusted Sites is Medium (sans Protected Mode).

    I did eventually resort to a brute-force approach to find the problem. After adding the server to Trusted sites, edit Security Settings ("Custom level") for the zone, and Enable "Launching applications and unsafe files." (Or just drop your pants and set security to Low for Trusted sites. They are trusted, aren't they?)
    Wednesday, May 23, 2007 3:17 AM

All replies

  • You can use the Group Policy Editor.  Google "Open File Security Warning," and take your pick of solutions and workarounds; there are about eight on the 1st page of results.
    Monday, May 21, 2007 10:21 AM
  • Thanks... but that wasn't really helpful. I spent hours poking at "Open File Security Warning" Google results before posting here; they were all about XPsp2. Adding the server to the Trusted sites zone is NOT SUFFICIENT in Vista; Vista's default security level for Trusted Sites is Medium (sans Protected Mode).

    I did eventually resort to a brute-force approach to find the problem. After adding the server to Trusted sites, edit Security Settings ("Custom level") for the zone, and Enable "Launching applications and unsafe files." (Or just drop your pants and set security to Low for Trusted sites. They are trusted, aren't they?)
    Wednesday, May 23, 2007 3:17 AM
  • It´s easy....just go to internet options (on internet explorer) -> Security->Intranet->Press the Sites Button and deactivate the first option and activete the other 3. It´s worked for me....cheers
    Wednesday, June 13, 2007 6:12 PM
  • I ran into the samething. In my research to fix this, I came accross this article on MSDN blogs.

     

    http://blogs.msdn.com/gblock/archive/2006/12/19/tips-steams-zones-vista-and-blocked-files-in-ie.aspx?CommentPosted=true#commentmessage

     

    Thursday, July 19, 2007 6:22 PM
  • How to eliminate the “Open File Security Warning” from programs accessed from the file server.

     

    1. Open the Control Panel
    2. Open Internet Options
    3. Click the Security Tab
    4. Click on Local Intranet
    5. Click on Sties
    6. Click Advanced
    7. Type the drive letter of your file server where the application is located in the “Add this website to this zone” box. 
    8. Click Add
    9. Click Close
    10. Click OK
    11. Close Internet Options by clicking OK
    12. Close the Control Panel

     

    You should no longer get the “Open File Security Warning” when you run an application from the file server.

    • Proposed as answer by abow Monday, March 01, 2010 10:30 PM
    Monday, November 05, 2007 6:36 PM
  • Hi,

     

    The posted 'fix' by Technology Instructor doesn't work for me. Interestingly it did work for a collegue 2 months previous (and is still working for him). On our Vista and Windows Server 2003 that have been recently upgraded to IE7 we have the same issue running one of our apps via a network shortcut.

     

    I have researched and tried the above fix with no change.

    I have considred applying the registry update discussed here http://www.petri.co.il/forums/showthread.php?t=3871 but am unsure as to how safe this might be.

    I have considered implementing this fix http://www.vistaheads.com/forums/microsoft-public-windows-vista-security/16603-how-remove-open-file-security-warning-window.html but am not sure how to implement this across our domain.

     

    Am sure a Microsoft member can provide worthwhile information to removing this annoying impass.

     

    -Dale

    Wednesday, February 13, 2008 10:41 PM
  • Great info! Worked for me!!! Thank you.
    Monday, July 21, 2008 5:33 PM
  •  joeship wrote:
    Great info! Worked for me!!! Thank you.

     

    Joeship

     

    What worked for you???

     

    There are 4 separate solutions in this thread?

     

     


    Ronnie Vernon
    Microsoft MVP
    Windows Desktop Experience
    Tuesday, July 22, 2008 6:04 PM
    Moderator
  • This solution worked for me! We have a drive mapped to H. I added just simply H and H:\ which redirected to the actual path and it was fine after that. No more security warning.

     

     Technology Instructor wrote:

    How to eliminate the “Open File Security Warning” from programs accessed from the file server.

     

    1. Open the Control Panel
    2. Open Internet Options
    3. Click the Security Tab
    4. Click on Local Intranet
    5. Click on Sties
    6. Click Advanced
    7. Type the drive letter of your file server where the application is located in the “Add this website to this zone” box. 
    8. Click Add
    9. Click Close
    10. Click OK
    11. Close Internet Options by clicking OK
    12. Close the Control Panel

     

    You should no longer get the “Open File Security Warning” when you run an application from the file server.

    Wednesday, July 30, 2008 12:03 PM
  •  

    The 12-step solution worked for me even when I added the UNC instead of the mapped drive letter.

     

    (Windows Vista 32-bit accessing Windows Server 2003 / Windows Home Server)

    Wednesday, August 27, 2008 9:26 PM
  • That worked for me too.  WindowsXP sp2.  It also fixed some of the generic errors that I was getting in different programs that run from my server.  Thanks for sharing.

     

    Monday, November 03, 2008 2:21 PM
  • This solution did not work

     

    Windows Server 2003 R2 fully patched running as Terminal Server

     

    I mapped a drive and was getting permission error when accessing file.  I shut-off windows security and then right clicked file and copy and then copy shortcut to desktop.  Application now runs but get OFSW error.  Tried above - no luck.  I see all the solutions but still nothing working.

     

    Ideas?

     

    Thursday, December 11, 2008 9:34 PM
  • I know this is an old post but I want to get this on the web somewhere.

    After tweaking my registery to move my "All Programs" to the menu in place of the "Favorites" I had the same issue. All the links gave the "File Open Security Waning". Nothing I could do to reset the permissions worked; it's like the perms were orphaned.

    What I did was copy the links to a folder on my deskop, open each one, delete he original links (shortuts) ten copy the new ones in. This solved the problem.

    You can first test to see if this is the issue by opening the program directly (without the link). If the program does not give warning and link does the above should fix it.
    • Edited by Cool Bam Saturday, March 28, 2009 6:18 PM typo
    • Proposed as answer by Cool Bam Saturday, March 28, 2009 6:19 PM
    Saturday, March 28, 2009 6:17 PM
  • Thanks for this. Since installing Firefox 3.5 this has been driving me nuts. It also got rid of the "Do you want to move copy files from this zone" msgs when moving or copying files from my network.

    Thanks.
    Friday, July 03, 2009 10:47 PM
  • Is there a registry change that will perform the 12 step solution?
    Wednesday, August 05, 2009 1:37 PM
  • This worked for me...

    ~ go to C:\ProgramData\Microsoft\Windows\Start Menu\

    ~ copy the Programs folder to another location, until needed (ie...New Folder)

    ~ then delete the Programs folder in C:\ProgramData\Microsoft\Windows\Start Menu\

    ~ copy the other Programs folder back into C:\ProgramData\Microsoft\Windows\Start Menu\

    ~ and you're DONE!!!
    Thursday, November 26, 2009 12:31 AM
  • This worked for me...

    ~ go to C:\ProgramData\Microsoft\Windows\Start Menu\

    ~ copy the Programs folder to another location, until needed (ie...New Folder)

    ~ then delete the Programs folder in C:\ProgramData\Microsoft\Windows\Start Menu\

    ~ copy the other Programs folder back into C:\ProgramData\Microsoft\Windows\Start Menu\

    ~ and you're DONE!!!
    Worked for me. Very odd bug, hope they fix it in win7 SP1.

    I'll have to make a batch to do this per logon.
    Monday, December 07, 2009 5:27 AM
  • How to eliminate the “Open File Security Warning” from programs accessed from the file server.

    1. Type  the drive letter of your file server where the application is located  in the “Add this website to this zone” box. 
    This worked for me.  Interestingly when I added m:\ it changed it to the "file://hostname" URL

    Monday, March 01, 2010 10:35 PM
  • instead of a letter, i've decided to put the IP of the current computer, since the current computer should always trust its content:
    127.0.0.1
    Sunday, March 14, 2010 10:01 AM
  • instead of a letter, i've decided to put the IP of the current computer, since the current computer should always trust its content:
    127.0.0.1

    The loopback IP solution worked for me. I was going nuts! Was getting prompted w/ "these files may harm your computer" every time I tried to move a file on a mapped network drive. Using Windows 7 Enterprise.
    Thursday, April 22, 2010 1:28 PM
  • so are you saying that what i've done has helped you ?
    Thursday, April 22, 2010 4:03 PM
  • How to eliminate the “Open File Security Warning” from programs accessed from the file server.

     

    1. Open the Control Panel
    2. Open Internet Options
    3. Click the Security Tab
    4. Click on Local Intranet
    5. Click on Sties
    6. Click Advanced
    7. Type the drive letter of your file server where the application is located in the “Add this website to this zone” box. 
    8. Click Add
    9. Click Close
    10. Click OK
    11. Close Internet Options by clicking OK
    12. Close the Control Panel

     

    You should no longer get the “Open File Security Warning” when you run an application from the file server.

     

    This solution worked for me as well on Windows Server 2008


    Jason
    Monday, May 17, 2010 2:50 PM
  • I've tried all of these solutions and none work. Vista is so awesome.
    Wednesday, June 02, 2010 5:14 AM
  • I had a look at this page:

    http://www.1stbyte.com/2007/07/06/open-file-security-warning-on-mapped-drive/

    Where they suggest the same solution of adding the UNC paths to the local intranet zone.

    Also suggests adding .exe to the 'attachement manager'

    User Configuration -> Admin Templates -> Windows Components -> Attachment Manager -> Inclusion list for moderate file risk types

    I've added .exe under there after adding the server paths (drive letters and server IPs) to the Local Intranet zone.

    Seems to work here for XP SP3 under a 2003 SP2 domain.

    Wednesday, June 16, 2010 7:50 AM
  • from some reason, this problematic window came back , and what i did before didn't help (adding 127.0.0.1 to the sites...) .

    i use winXP 32 bit home edition sp3 .

    Diggory Gray , can you please explain exctly what you offered here?

    Monday, July 12, 2010 7:17 PM
  • Finnaly a straight answer thanks dude works great
    Friday, July 23, 2010 7:28 PM
  • How to eliminate the “Open File Security Warning” from programs accessed from the file server.

    ...(12 steps)...

     

    Thank you! Such a simple resolution. Why is it so xxxxxxx hard to find such a simple answer?

     

    * Worked for Windows Server 2008 (DataCenter Edition on Amazon-EC2) as well. Voted you up.

     

     

    Friday, August 13, 2010 5:28 PM
  • Is there a way to do the 12 step solution from a batch, group policy, or some other way to deploy it to 50+ workstations?

     

    I am using Win7 SP1 workstations, and server 2008r2

    Tuesday, April 19, 2011 3:14 AM
  • Awesome, "Technology Instructor".
    • Edited by Sopwyin54 Saturday, November 12, 2011 11:16 PM It's awesome.
    Saturday, November 12, 2011 11:15 PM
  • Since all of my users run from a terminal server I have their startup programs listed in a folder redirect that resides on a NAS, not on the server they log in to.  Using a Terminal Server Farm with load balancing they always get the same startup folder, desktop, favorites, etc.  It took me a while to figure this out because I didn't want my users to have to go through these steps to get rid of the security warning.  Also, I have used a GPO to disable their security tab and rights so they wouldn't have been able to add the UNC path to their startup folder even if they wanted to. 

    In order to have the UNC path set when they login I added it to the security->local intranet zone via this setting in a GPO.

    User Configuration -> Windows Settings -> Internet Explorer Maintenance -> Security -> Security Zones and Content Ratings. 

    Double click on Security Zones and Content Ratings and then click the Modify Settings Button. 

    Click on Local Intranet -> Sites.  Uncheck Automatically detect intranet network and then check the Include all network paths (UNCs).

    Click the Advanced Tab -> add the UNC path to your server where the files reside.  Make sure the GPO gets applied to the terminal server and the warning message should go away.

    *** NOTE ***
    These settings will not apply to users that log on to computers that have the Internet Explorer Enhanced Security Configuration (ESC) enabled. To create settings for users on computers that have ESC enabled, create a new GPO and edit that GPO on a computer where ESC is enabled.

    Monday, November 28, 2011 9:00 PM
  • I actually found an answer that made more sense that anything above and doesn't reduce your security protection, unlike all of the above solutions.  Due to a network failure, after starting my computer and attempting to log into my domain account, it appears that Windows will change the permissions on certain items when it thinks that it is under attack.

    So, Windows changed the permissions on my desktop, but nothing that I could see in the UI.  Some, but not all, links on my desktop started to exhibit this issue and it only affected links on my desktop.  After doing quite a few searches I came across the following article, which turned me in the correct direction:

    Fix Start Menu Shortcuts Open File Security Warning in Windows 7 and Windows Vista


    All I had to do was change the path to my desktop (see below):

    ICACLS "C:\Users\<username goes here>\Desktop" /Setintegritylevel (OI)(CI)M


    and everything was back to normal again.


    Bill Bosacker's Blog @ http://www.openSourceC.org/
    • Proposed as answer by Lee Coxon Tuesday, July 30, 2013 9:00 AM
    Friday, December 02, 2011 8:17 PM
  • I've had this problem with W7 sp1 running programs in redirected folders on a 2008 R2 DC. I fixed it using the "Site to Zone Assignment List" GPO. I simply entered 2 lines shown exactly as below (using file:// at the start initially wouldn't work for me): ServerName.Domain.Local - 2 1.2.3.4 - 2 (1.2.3.4 is the ip of the server) Worked straight away after this.
    • Edited by Lazy D Tuesday, January 17, 2012 12:06 AM
    Tuesday, January 17, 2012 12:05 AM
  • @William, icacls.exe is not available on Windows XP SP3.

    @reduca
    To avoid the measly 12-steps, the solution that I used was to add the UNC path of the server to the IE Intranet Zone directly to the registry.

    For all users:
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\myuncpath]
    "file"=dword:00000001

    Where "myuncpath" is actually \\<meta content="text/html; charset=utf-8" http-equiv="content-type" />myuncpath (the UNC path of your CIFS server) without the UNC slashes.

    If you add this to HKLM it will not show up in the user's <meta content="text/html; charset=utf-8" http-equiv="content-type" />Internet Settings control panel under. If added to HKCU, viewing in Internet Settings control panel under Security tab->Sites->Advanced this entry shows up as 'file://myuncpath' in the list of allowed sites.

    Monday, March 05, 2012 1:52 AM
  • I thought XP had icacls predecessor cacls.
     
    --
    ..
    --
    "Jay Goldberg" wrote in message news:f1e2c113-361b-4d11-a24e-a0ac4137adb0...
    > @William, icacls.exe is not available on Windows XP SP3.
    >
    > @reduca
    > To avoid the measly 12-steps, the solution that I used was to add the UNC
    > path of the server to the IE Intranet Zone directly to the registry.
    >
    >
    > For all users:
    > [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet
    > Settings\ZoneMap\Domains\myuncpath]
    > "file"=dword:00000001
    >
    >
    > Where "myuncpath" is actually \\<meta content="text/html; charset=utf-8"
    > http-equiv="content-type" />myuncpath (the UNC path of your CIFS server)
    > without the UNC slashes.
    >
    > If you add this to HKLM it will not show up in the user's <meta
    > content="text/html; charset=utf-8" http-equiv="content-type" />Internet
    > Settings control panel under. If added to HKCU, viewing in Internet
    > Settings control panel under Security tab->Sites->Advanced this entry
    > shows up as 'file://myuncpath' in the list of allowed sites.
    >
     
     
    Monday, March 05, 2012 7:25 AM
  • Hi, I have the same issue after changing the "favorites" to "all programs". I'm not very good with computers.  Can you explain step by step how to fix this? Thx!
    Thursday, April 12, 2012 2:22 AM
  • William,

    Firstly, i'm not one for usually commenting on threads, but can I just say you have saved me about 2 days of work!

    I had this issue a year ago and had to trash my profile, which was nightmare due to the amount of programs and custom configuration!

    So the issue reared its ugly head again this morning and everything that was suggested didn't work or made my computer open to serious threat. 

    But your fix worked an absolute treat.

    So massive thanks! :D

    Tuesday, July 30, 2013 9:02 AM
  • I would recommend using treat UNC path as Intranet Site so it abides by the Intranet Zone Mapping rules.

    Administrative Templates \ Windows Components \ Internet Control Panel \ Security Page \ Intranet Sites: Include all network paths (UNCs) - Enabled

    HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ REG_DWORD "UNCAsIntranet" data value of "1"
    Sunday, September 15, 2013 2:29 PM
  • I had this problem with shortcuts in Windows 8 that were on my links toolbar.  I disabled the links toolbar, created a new one and directed the new tollbar to a sub-directory on my desktop. The new shortcuts bypassed the warning issue. -Mike M.
    Friday, November 15, 2013 7:05 PM
  • I had this problem with shortcuts in Windows 8 that were on my links toolbar.  I disabled the links toolbar, created a new toolbar and directed the new tollbar to a sub-directory on my desktop. The new shortcuts bypassed the warning issue. -Mike M.
    • Edited by Mike M7 Friday, November 15, 2013 7:13 PM
    Friday, November 15, 2013 7:05 PM
  • I had this problem with shortcuts in Windows 8 that were on my links toolbar.  I disabled the links toolbar, created a new toolbar and directed the new tollbar to a sub-directory on my desktop. The new shortcuts bypassed the warning issue. -Mike M.
    Friday, November 15, 2013 7:13 PM
  • Did not work for me.  Maybe an IE update that changes things?  There is no STEP 6 for me for example...

    Either way it did not work.  Cool Bam below had a solution that worked well for me!


    Arvo Bowen III

    Sunday, March 16, 2014 2:55 AM