Disable the Annoying "This page has an unspecified potential security risk" When Using Files on a Network Share
Have you ever right-clicked on a file from a mapped share and gotten this really irritating popup message from Windows? Even more annoying, when you try and drag and drop files from a network share, you get another popup asking “Do you want to move or copy files from this zone?” So what’s the deal?
The Problem
Whenever you try and right-click on a file, like a zip file, you’ll get an irritating popup: “This page has an unspecified potential security risk. Would you like to continue?” It’s even more annoying cause, well, I’m NOT using Internet Explorer!
The problem gets worse… if you try and drag/copy files out of the folder you’ll get the error “Do you want to move or copy files from this zone?”
Very annoying indeed!
The Reason
You are getting this error because Windows is not detecting your local network properly, and assuming that there is a security risk. This all goes back to the concept of “Security Zones” that you might have seen if you’ve ever looked in Internet Explorer’s options panel.
In order to prevent rogue websites or applications from passing a UNC path as a link to run an application, Windows will detect that a UNC path (like \\computername\sharename) is not part of your local network, and prompt you before doing anything that could be unsafe. This security mechanism is definitely annoying, but it really is a necessary evil.
What we’ll do is manually add the mapped drive computer name to the exception list.
Fixing the Problem
You’ll need to open up Internet Options from Internet Explorer’s Tools \ Options menu, or from the Control Panel. Once there, select the Security tab, click on the “Local intranet” icon, and then click on the “Sites” button.
If you only map drives to a few machines, what you can do is click on the “Advanced” button, and then add each machine name with this format:
file://computername
For instance, the name of my file server is superfast, so I put in file://superfast and then clicked the Add button. (Make sure to click the Add button!)
If you have a number of machines on your network, you could alternatively uncheck the “Automatically detect intranet network”, and then check the other three boxes. This prevents you from having to enter each machine name manually, but allowing all network paths is probably not the most secure method, better to manually enter the machine name as detailed above.
Note: I was completely unable to use this method to remove the security popups when using an IP address to map drives. You’ll need to switch to using the computer name when mapping drives in order to remove the messages. Technically we could remove the security popups across the board using the Custom Level button, but that would leave your computer with a security hole, so I’m not going to explain it.
Now that we’ve added the exception, you can right-click on the file without any issues:
You can also copy files and generally interact with the network share without problems.
Note that this should also work in Windows 7.
Daily Email Updates
You can get our how-to articles in your inbox each day for free. Just enter your name and email below:
Great tip… this was getting really annoying. Thanks!
Thanks for the tip! These little nuggets of how-to are so helpful and save tons of time and frustration. Also, you noted that an IP address mapping doesn’t work, but I added my share by IP (instead of computer name) and it worked just fine. I’m using XP/SP3. Thanks again!
IE is such a piece of annoying crap
I’m getting this message without trying to open any files. I’m getting this pop up just from going online… it appears usually when the AIM ads are changing. Please help~!
Instead of putting multiple entries in the Local Intranet advanced section (such as file://EachComputer), could you put just one entry like this: file://192.168.1.* to allow access to all your network shares in the IP range, or does this pose a security risk?
Thanks Farm Geek! Tried removing that annoying pop-up myself but the one item I was missing was covered in your ‘Note’ at the bottom of the article – “Note: I was completely unable to use this method to remove the security popups when using an IP address to map drives. You’ll need to switch to using the computer name when mapping drives in order to remove the messages.”
Here is a slight variation on this that is not resolved by your article…
Our users cannot map drives directly to the servers as there are many replicating shares. We use DFS to create a domain-based namespace for drive mappings. So, instead of “\\SERVER\ShareName\” we are mapping to “\\DOMAIN\SHARES\LinkToShareName”, and DFS handles the rest.
On the strength of your article it seems sensible that I just add “file://DOMAIN” to the intranet zone, and the popup will magically go away… NOPE! This does not work and I still get that very irritating popup message
If I implement your article for one of the replicating shares and map directly then yes it all works perfectly, however directly mapping to the server is not an option
So I am wondering why adding the domain name does not work. As far as Internet Explorer is concerned it should just be a file path like any other, as the operations of DFS are transparent. I wonder if this has something to do with name resolution…
Any ideas?
PS. By the way, what is the other method for switching them off entirely? I could make this change via Group Policy to the Intranet zone, and with complete control over the Intranet zone and all IE settings fully locked down this would not be a security risk. Come on… Let the cat out of the bag please!!!
OK… I’ve clarified my issue, but still need solution!!
If I add “file://SERVER” to the Inranet sites via Group Policy, when I check in Internet Options it is there exactly as I typed it.
If I add “file://DOMAIN” (as per the drive mapping), Internet Explorer automagically modifies it to “file://*.DOMAIN”, making the path no longer valid – Why?
If I try to work around it, eliminate the dot, and put “file://*DOMAIN”, it simply does not add it to the zone at all!
Aarrrrrghh! How can I get “file://DOMAIN” (That is a Fully Qualified Domain Name, not NETBIOS), into the Intranet zone list? Registry Hack via Group Policy Preferences?
just got a WHS and moved my documents there and got this annoying window every time i access the folder…
thank you it worked perfectly!