Privacy and Security Enable or Disable Block Files Downloaded from Internet in Windows 11


Windows_Security_banner.png

This tutorial will show you how to enable or disable blocking files downloaded from the Internet for all or specific users in Windows 10 and Windows 11.

The Attachment Manager is included in Windows to help protect your PC from unsafe attachments that you might receive with an e-mail message and from unsafe files that you might save from the Internet. If the Attachment Manager identifies an attachment that might be unsafe, the Attachment Manager prevents (blocks) you from opening the file, or it warns you before you open the file.

It uses the IAttachmentExecute application programming interface (API) to find the file type, to find the file association. When one of these applications saves a downloaded file on a disk formatted with NTFS, then it updates the metadata for the file with the zone it was downloaded from. The metadata is saved as an Alternate Data Stream (ADS). If you wish to unblock a downloaded file, you can do so by right-clicking it, selecting Properties and clicking on Unblock.

The following determine whether you are prevented from opening the file or whether you are warned before you open the file:
  • The type of program that you are using.
  • The file type that you are downloading or trying to open
  • The security settings of the Web content zone that you are downloading the file from.
    • Internet
    • Local intranet
    • Trusted sites
    • Restricted sites
The Attachment Manager classifies files that you receive or that you download based on the file type and the file name extension. Attachment Manager classifies files types as high risk, medium risk, and low risk.
  • High Risk – If the attachment is in the list of high risk file types and is from the restricted zone, Windows blocks the user from accessing the file. If the file is from the Internet zone, Windows prompts the user with a Windows Security Warning: Windows found that this file is potentially harmful. To help protect your computer, Windows has blocked access to this file.
  • Moderate Risk – If the attachment is in the list of moderate risk file types and is from the restricted or Internet zone, Windows prompts the user with a warning: "The publisher could not be verified. Are you sure you want to run this software?".
  • Low Risk – If the attachment is in the list of low risk file types, Windows will not prompt the user before accessing the file, regardless of the file’s zone information.
If you like, there is a Do not preserve zone information in file attachments policy that allows you to manage whether Windows marks file attachments with information about their zone of origin (such as restricted, Internet, intranet, local). If this policy is enabled, it will effectively disable downloaded files from being blocked.

By not preserving the zone information, Windows cannot make appropriate risks assessments. This can cause a security risk to your PC by not having downloaded files blocked by default anymore.


  • If you enable this policy setting, Windows does not mark file attachments by using their zone information.
  • If you disable this policy setting, Windows marks file attachments by using their zone information.
  • If you do not configure (default) this policy setting, Windows marks file attachments by using their zone information.

You must be signed in as administrator to enable or disable block files downloaded from the Internet.

This will not affect blocked files that have already been downloaded before setting this policy.


Contents

  • Option One: Enable or Disable Block Files Downloaded from Internet for Specific or All Users in Local Group Policy Editor
  • Option Two: Enable or Disable Block Files Downloaded from Internet for All Users using REG file


EXAMPLE: Security warnings for blocked file

Unblock_file_in_Windows_Defender_SmartScreen-1.png
Unblock_file_in_properties-2.png
Unblock_file_in_Open_File_Security_Warning-1.png





Option One

Enable or Disable Block Files Downloaded from Internet for Specific or All Users in Local Group Policy Editor


The Local Group Policy Editor is only available in the Windows 11 Pro, Enterprise, and Education editions.

All editions can use Option Two below.


1 Open the all users, specific users or groups, or all users except administrators Local Group Policy Editor for how you want this policy applied.

2 Navigate to the policy location below in the left pane of the Local Group Policy Editor. (see screenshot below)

User Configuration\Administrative Templates\Windows Components\Attachment Manager

blocked_files_goedit-1.png

3 In the right pane of Attachment Manager, double click/tap on the Do not preserve zone information in file attachments policy to edit it. (see screenshot above)

4 Do step 5 (Enable) or step 6 (Disable) below for what you would like to do.

5 To Enable Block Files Downloaded from Internet

This is the default setting.


A) Select (dot) Not Configured, click/tap on OK, and go to step 7 below. (see screenshot below)​

blocked_files_goedit-2.png

6 To Disable Block Files Downloaded from Internet

A) Select (dot) Enabled, click/tap on OK, and go to step 7 below. (see screenshot below)​

blocked_files_goedit-3.png

7 You can now close the Local Group Policy Editor if you like.




Option Two

Enable or Disable Block Files Downloaded from Internet for All Users using REG file


1 Do step 2 (enable) or step 3 (disable) below for what you would like to do.

2 To Enable Block Files Downloaded from Internet for All Users

This is the default setting.


A) Click/tap on the Download button below to download the file below, and go to step 4 below.​

Enable_block_files_downloaded_from_Internet.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"SaveZoneInformation"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"SaveZoneInformation"=-

3 To Disable Block Files Downloaded from Internet for All Users

A) Click/tap on the Download button below to download the file below, and go to step 4 below.​

Disable_block_files_downloaded_from_Internet.reg


(Contents of REG file for reference)
Code:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"SaveZoneInformation"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"SaveZoneInformation"=dword:00000001

4 Save the .reg file to your desktop.

5 Double click/tap on the downloaded .reg file to merge it.

6 When prompted, click/tap on Run, Yes (UAC), Yes, and OK to approve the merge.

7 You could now delete the downloaded .reg file if you like.


That's it,
Shawn Brink


 

Attachments

Last edited:
It doesn’t work anymore since Windows 11 24H2. The warning still appears.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom
    CPU
    Core i5 13600KF
    Motherboard
    Asrock Z790 PG Lightning
    Memory
    2x16GB 7200Mhz C34 Tuned
    Graphics Card(s)
    Radeon RX 6700 XT
    Monitor(s) Displays
    Philips 24M1N3200ZA (165Hz IPS)
    Screen Resolution
    1080p
    Hard Drives
    1TB NVMe (3GB/s)
    PSU
    Aerocool VX 550W
    Case
    Aerocool Hive v3
    Cooling
    Xilence M705D
    Browser
    Edge
    Antivirus
    Malwarebytes
It doesn’t work anymore since Windows 11 24H2. The warning still appears.
Hello, :alien:

I just checked on 24H2, but if you enable the policy. it still stops files downloaded from the internet showing as blocked like below.

unblock_file_in_properties-2-png.6684
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender
Hello, :alien:

I just checked on 24H2, but if you enable the policy. it still stops files downloaded from the internet showing as blocked like below.

unblock_file_in_properties-2-png.6684
Yes. The registry modification that completely disables this annoying pop up unfortunately doesn’t work anymore.

Of course unblocking the file from properties will skip the warning but it’s a process that has to be done manually every single time for every file.

Hopefully there is another way or registry modification that will take care of this in 24H2.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom
    CPU
    Core i5 13600KF
    Motherboard
    Asrock Z790 PG Lightning
    Memory
    2x16GB 7200Mhz C34 Tuned
    Graphics Card(s)
    Radeon RX 6700 XT
    Monitor(s) Displays
    Philips 24M1N3200ZA (165Hz IPS)
    Screen Resolution
    1080p
    Hard Drives
    1TB NVMe (3GB/s)
    PSU
    Aerocool VX 550W
    Case
    Aerocool Hive v3
    Cooling
    Xilence M705D
    Browser
    Edge
    Antivirus
    Malwarebytes
Yes. The registry modification that completely disables this annoying pop up unfortunately doesn’t work anymore.

Of course unblocking the file from properties will skip the warning but it’s a process that has to be done manually every single time for every file.

Hopefully there is another way or registry modification that will take care of this in 24H2.
Just to confirm and verify, could you post a screenshot of the warning you are getting to make sure it's for the same thing?

For now, you could use the Unblock context menu added by the tutorial below to make it easier to unblock files on demand.

 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender
Just to confirm and verify, could you post a screenshot of the warning you are getting to make sure it's for the same thing?

For now, you could use the Unblock context menu added by the tutorial below to make it easier to unblock files on demand.

 

Attachments

  • ef8ec504-b5eb-42ea-9e0c-36456e83db51.jpg
    ef8ec504-b5eb-42ea-9e0c-36456e83db51.jpg
    17.3 KB · Views: 14

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom
    CPU
    Core i5 13600KF
    Motherboard
    Asrock Z790 PG Lightning
    Memory
    2x16GB 7200Mhz C34 Tuned
    Graphics Card(s)
    Radeon RX 6700 XT
    Monitor(s) Displays
    Philips 24M1N3200ZA (165Hz IPS)
    Screen Resolution
    1080p
    Hard Drives
    1TB NVMe (3GB/s)
    PSU
    Aerocool VX 550W
    Case
    Aerocool Hive v3
    Cooling
    Xilence M705D
    Browser
    Edge
    Antivirus
    Malwarebytes
Yep, that's for the same thing.

I'm not sure why it's not working for you since it still is for me in 24H2.

Just to confirm, did you verify the registry changes? If they were made, you might also try restarting the computer to apply even though you normally do not need to.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender
Just to confirm and verify, could you post a screenshot of the warning you are getting to make sure it's for the same thing?

For now, you could use the Unblock context menu added by the tutorial below to make it easier to unblock files on demand.


Yep, that's for the same thing.

I'm not sure why it's not working for you since it still is for me in 24H2.

Just to confirm, did you verify the registry changes? If they were made, you might also try restarting the computer to apply even though you normally do not need to.
Yes. The changes were applied.
I’ve restarted the computer multiple times as well.
Never had this issue with 23H2.

I’m using Windows 11 24H2 26100.1742 (Clean install)
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom
    CPU
    Core i5 13600KF
    Motherboard
    Asrock Z790 PG Lightning
    Memory
    2x16GB 7200Mhz C34 Tuned
    Graphics Card(s)
    Radeon RX 6700 XT
    Monitor(s) Displays
    Philips 24M1N3200ZA (165Hz IPS)
    Screen Resolution
    1080p
    Hard Drives
    1TB NVMe (3GB/s)
    PSU
    Aerocool VX 550W
    Case
    Aerocool Hive v3
    Cooling
    Xilence M705D
    Browser
    Edge
    Antivirus
    Malwarebytes
Yes. The changes were applied.
I’ve restarted the computer multiple times as well.
Never had this issue with 23H2.

I’m using Windows 11 24H2 26100.1742 (Clean install)
May have to wait until the next new build to see if it may be a bug.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    8TB WD MyCloudEX2Ultra NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master 3
    Internet Speed
    1 Gbps Download and 35 Mbps Upload
    Browser
    Google Chrome
    Antivirus
    Microsoft Defender and Malwarebytes Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender

Latest Support Threads

Back
Top Bottom