Scenario:
When you invoke an application/executable from a networked location like UNC path, etc,. IE7 & above in Windows 7/2008 & above think that you are trying to launch an application that is not in it’s trusted sites list and thus results in a user prompt for the user confirmation about the authenticity of the application. This is a new Windows security feature built into IE7 and above on Windows 7/2008 and above.
Example:
You try to launch a shortcut to notepad executable or even directly the executable from a shared location via UNC path as shown below. This results in the “Open File – Security Warning”
Cause:
The cause for this prompt behavior is that you’re the host/system that you trying to access via UNC path is not in the IE trusted sites zone. And you have the default IE policy setting which says to prompt to the user as shown below:
Fix:
Modify the appropriate zone IE settings not to prompt via “Launching Applications and Unsafe Files” option as shown below.
If the location you are trying to access is a intranet you need to add the respective host to the intranet trusted sites as shown below:
Automating the fix for enterprises:
Via Group Policy:
There is a group policy setting “Launching programs and unsafe files“ that can be configured to control this prompt behavior. The Group Policy Setting is available at both User and System level. Below are the more details:
Via Registry:
The above group policy can be implemented via below registry as well:
C:>reg query "HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsZoneMapRangesRange1"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsZoneMapRangesRange1
* REG_DWORD 0x1
:Range REG_SZ localhost
C:>
<
p>You can modify it at HKLM for system wide changes.
