Disable Windows XP "File Download Security Warning" .lnk files

I'm trying to suppress the file download – security warning for users accessing a .lnk file embedded within a webpage hosted on an intranet.
The .lnk file calls back to a shortcut located on a Windows 2000 SP4 server.
I’ve tried the following steps using GPO, but with no success:
Configuration Settings:
> Default risk level for file attachments: Set it to Enabled and Set the default risk level to [Low Risk]
> Inclusion list for low file types: Set it to Enabled and add the file extension [.lnk]
> Do not preserve zone information in file attachments: Set it to Enabled.
> Add the UNC to Local Intranet or Trusted Sites
> Log off and log back in
> Test accessing the UNC share
Registry keys results after GPO is applied
Any advice please?


To be honest, I still think you are peeing into the wind trying to hyperlink to a LNK file which has its target as an EXE.  I believe you really need to miss out the "middle man", being the LNK file, and try for a solution to set the hyperlink target directly to the EXE but temporarily circumvent the built-in IE security.

I've been messing around with this for quite some time now, but it would seem that Internet Explorer has a list of file extensions perceived as potentially dangerous hardcoded into it.


"Internet Explorer contains a predefined, hard-coded list of file extensions that it inherently distrusts. These extensions correspond to generic executables and other kinds of files that have the capability to harm the user's machine without the proper security safeguards. The File Download dialog box cannot be prevented for any files of these types. The Always ask before opening this type of file option will be grayed out on the dialog box and you will not be able to select it. Following is the list of the file extensions for these file types.  As a convention, this article refers to any of these types of files as 'executable' files."

ade, adp, app, asp, bas, bat, cer, chm, cmd, com, cpl, crt, csh, exe, fxp, hlp, hta, inf, ins, isp, its, js, jse, ksh, lnk, mad, maf, mag, mam, maq, mar, mas, mat, mau, mav, maw, mda, mdb, mde, mdt, mdw, mdz, msc, msi, msp, mst, ops, pcd, pif, prf, prg, pst, reg, scf, scr, sct, shb, shs, tmp, url, vb, vbe, vbs, vsd, vsmacros, vss, vst, vsw, ws, wsc, wsf, wsh.

First off, the .LNK file type will NOT normally show in Folder Options > File Types because of the "EditFlags" value in the key:
which prevents you from Editing that file type in Folder Options and there unticking the "Confirm Open After Download" box.  You can change the "EditFlags" value to zero and make it show in Folder Options, but unticking that box has no effect on the prompt I am shown in IE when I click a hyperlink that has its target as a .LNK file.

The above page shows a method of opening an "executable" which bypasses the in-built security and issues no prompts.  Scroll down to the 2nd code window under the heading "Internet Code Download linking" and you will see a "scripted" link.  Pasted here for convenience and direct reference:
<HTML>
<HEAD>
<TITLE>Page of executable links</TITLE>
<SCRIPT LANGUAGE="JScript">
// linkit puts filename into HTML content and spews it into iframe
function linkit(filename)
{
   strpagestart = "<HTML><HEAD></HEAD><BODY><OBJECT CLASSID=" +
      "'CLSID:15589FA1-C456-11CE-BF01-00AA0055595A' CODEBASE='";
   strpageend = "'></OBJECT></BODY></HTML>";
   runnerwin.document.write(strpagestart + filename + strpageend);
   window.status = "Done.";
   return false;  // stop hyperlink and stay on this page
}
</SCRIPT>
</HEAD>
<BODY>

<!-- hyperlink uses central script function called linkit() -->
<A HREF="" onclick="return linkit('signed-testfile.exe');">linked executable</A>

<!-- hidden iframe used for inserting html content -->
<IFRAME ID=runnerwin WIDTH=0 HEIGHT=0 SRC="about:blank"></IFRAME>

</BODY>
</HTML>



So, all you need is the "linkit" Script on the page, and for each link you create to an executable you just use a modification of a normal hyperlink like this:

<P><A HREF="" onclick="return linkit('file1.exe');">Click to open FILE1</A></P>
<P><A HREF="" onclick="return linkit('file2.exe');">Click to open FILE2</A></P>

Unfortunately I am not conversant enough with JavaScript to make this work (if it is even possible) with any target EXE file that IS NOT in the same folder as the HTM file calling it.  I have tried numerous permutations of UNC paths, relative paths, preceding it with file:///// protocol, http:// protocol, etc, etc, and I cannot get anything to work for me.

The only workaround I could suggest is that, for each EXE file you propose calling from a hyperlink, you place a separate HTM file in the same folder as the EXE with an appropriate file name, and populate it only with a "scripted" link to that program.  You then just call the relevant HTM file from a hyperlink in your master web page, maybe as a JavaScripted presized "popup" window with a "Close" button, or just use  TARGET="_BLANK"  in the link on the master web page to make it open in a new tab.  I'm quite sure that a skilled JavaScript coder could actually take the text of a hyperlink (eg. the file name needed) and create a new popup page on the fly using the above method and with no need for separate HTM files, but that's beyond my skills.

For the Intranet Zone you would probably have to relax the "Launching Programs and Files In An iFRAME" security setting.

That's a bit clunky though.  Perhaps someone more conversant than I can make the 0 x 0 pixel <IFRAME> method described by Microsoft work with a UNC path to a program file.

IF ALL your EXE files are in one share folder, then a convenient way to display the exe files and allow the user to double-click on them would be by placing an <IFRAME> within the page, as described under the "IFRAME linking" heading on the above Microsoft page.


There are probably a number of other methods of bypassing security with scripting without disabling security settings permanently, but the above are all that I found and I hope that maybe you can use the concept somehow.

It's not clear what you are actually trying to do with that .LNK file, and there may be a better way without using a .LNK file and messing with security permissions.

A brief explanation about "Zone" information that may help you understand how Windows "flags" files that are copied from one computer to another, and this includes files downloading from a web page and the browser cache.  This may be relevant to your issue.

The embedded data is written using the same method as a malicious RootKit uses to embed a file inside another and execute it on demand, ie. Alternate Data Stream or ADS.  This is only supported on NTFS volumes.
In the case of the ZoneIdentifier, the data is embedded inside the file like this:
:Zone.Identifier:$DATA       26
The actual data is in the format of an *.INI file. It contains a number that identifies the Internet "Zone" where the file came from, eg.


where n = one of the following numbers:
NoZone = -1
MyComputer = 0
Intranet = 1
Trusted = 2
Internet = 3
Untrusted = 4

The presence of the ZoneIdentifier is what shows the "Are you sure you want to open/execute this file".  The "always show this" tick-box in that dialog allows you to "unblock" the file, and just removes the Data Stream from it.  The Right-Click > Properties dialog for the file will also have an "Unblock" button that does the same.

You can see if a file has the ADS ZoneIdentifier by using SysInternals streams.exe (http://technet.microsoft.com/en-us/sysinternals/bb897440) like this:
streams filename.ext
and the commands:
more < "filename.ext:Zone.Identifier"
Notepad "filename.ext:Zone.Identifier"
will show the content.


So, what exactly are you trying to do with your .LNK file?
Are you just trying to distribute a desktop shortcut to users, or are you actually trying to have users execute the .LNK file from a hyperlink in a web page?
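
The Zone.Identifier stream described in the post above, as an added example that is not part of the original thread: a small Python parser that reads the stream's INI text and maps the number to the zone names listed there. It assumes the standard layout Windows writes (a [ZoneTransfer] section with a ZoneId key), which the post itself does not show; the function names and sample strings are constructed for illustration.

```python
import configparser

# Zone numbers as listed in the post above.
ZONES = {-1: "NoZone", 0: "MyComputer", 1: "Intranet",
         2: "Trusted", 3: "Internet", 4: "Untrusted"}

# Constructed samples. The first is 26 bytes, the stream size shown above.
SAMPLE_MINIMAL = "[ZoneTransfer]\r\nZoneId=3\r\n"
SAMPLE_WITH_URLS = ("[ZoneTransfer]\r\nZoneId=3\r\n"
                    "HostUrl=http://files.example/a%20b/tool.exe\r\n")
SAMPLE_NO_HEADER = "ZoneId=3\r\n"


def parse_zone_identifier(text):
    """Return (zone_id, zone_name), or (None, None) if no usable ZoneId."""
    # interpolation=None: '%' in URL values must not be treated as syntax.
    parser = configparser.ConfigParser(strict=False, interpolation=None)
    try:
        parser.read_string(text.lstrip("\ufeff"))
    except configparser.Error:
        return None, None  # not INI at all, e.g. missing section header
    for section in parser.sections():
        if section.lower() != "zonetransfer":
            continue
        raw = parser.get(section, "zoneid", fallback=None)
        try:
            zone_id = int(raw.strip())
        except (AttributeError, ValueError):
            return None, None  # key absent or not a number
        return zone_id, ZONES.get(zone_id, "Unknown")
    return None, None


def read_zone(path):
    """Read the stream from a file on an NTFS volume (Windows only)."""
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8",
                  errors="replace") as stream:
            return parse_zone_identifier(stream.read())
    except OSError:
        return None, None  # no stream: never marked, or already unblocked


if __name__ == "__main__":
    for sample in (SAMPLE_MINIMAL, SAMPLE_WITH_URLS, SAMPLE_NO_HEADER):
        print(repr(sample), "->", parse_zone_identifier(sample))
```

On a Windows host, read_zone(r"C:\path\to\file.exe") returns (None, None) for a file with no stream, which is the state the "Unblock" button leaves behind.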
Are your Intranet Zones in IE populated properly? What does this .LNK file activate, an .exe? Check the properties on the .EXE, and make sure there is no "unblock" button.....

SYPTE-ITAuthor Commented:
Thank you Genius.... will check the .EXE
SYPTE-ITAuthor Commented:
Hi john6767

Check the .EXE..... no unblock button within the file properties and the server is listed in the intranet zone as "file:\\server name"

Hi BillDL

Yes I'm trying to have users execute the .LNK file from a hyperlink in a web page
SYPTE-ITAuthor Commented:
Thanks, it looks like you are right in saying that using another method is the best way
Thank you SYPTE-IT
Question has a verified solution.
