Handling “Open File – Security Warning”

It seems like a simple enough task. Use an Azure File share to store an executable and use a PowerShell script to execute the application on a new virtual machines. In practice, however, you might find that the executable is quietly failing to run. Running the executable on the server manually, the problem becomes apparent as a dialog box appears with the title:

“Open File – Security Warning”

This issue typically occurs when executing files that originated from the internet. In this case, the cause is different: the UNC path is treated as part of the Internet Zone, restricting the permissions.

The workaround for this is to set the value of the SEE_MASK_NOZONECHECKS environment variable to 1. By configuring this value, processes in that environment will be allowed to execute without zone checking restrictions. Of course, setting this as a permanent value or at the system level is not recommended; that would disable all zone checking. Instead, we can configure the value as part of the PowerShell script.

$env:SEE_MASK_NOZONECHECKS = 1

When the script process ends, the value will be reverted. To revert it sooner, simply remove the value from the environment

Remove-Item env:SEE_MASK_NOZONECHECKS

Where does this variable originate? It is a special value that allows ShellExecuteEx to bypass the zone checking put into place by IAttachmentExecute. The documentation on this is limited; it seems to have originated with Windows XP as part of a Microsoft Support article.

Stay Informed

Sign up for the latest blogs, events, and insights.

We deliver solutions that accelerate the value of Azure.
Ready to experience the full power of Microsoft Azure?

Atmosera is thrilled to announce that we have been named GitHub AI Partner of the Year.

X