To help plug up a hash leakage vulnerability, Windows is making it a little harder to peek at files you just grabbed from the web.
If you’ve been using the internet for more than a month or so, you know that downloading files from unknown sites is a great way to get compromised. But the latest security update to Windows does a little extra to keep you safe. According to Microsoft, those who install the latest security updates will have previews in Explorer automatically disabled for downloaded files.
Why? According to the support page (spotted by Bleeping Computer), it’s because there’s a vulnerability with leaking hash. So thanks to Microsoft, your breakfast griddle will be notably tidier now that…oh, wait, no, it’s “a vulnerability where NTLM hash leakage might occur if users preview files containing HTML tags (such as <link>, <src>, and so forth) referencing external paths.” This could allegedly be used to capture “sensitive credentials.”
Mark of the Web metadata indicates that a file was downloaded from the internet, meaning Windows Defender will pay it a little extra attention. If you try to preview a downloaded file immediately, you’ll be met with the following alert message:
The file you are attempting to preview could harm your computer. If you trust the file and the source you received it from, open it to view its contents.
To disable this function after the October 14th, 2025 update, you’ll need to right-click the file, click “Properties,” then “Unblock.” It’ll need to be done for every file, and it might not take until you log into Windows again.
Edited by Karlston
- Adenman
-
1
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.