Windows disables File Explorer previews for dangerous file downloads

If you’ve been using the Internet for more than a month or so, you know that downloading files from unknown sites is a great way to get compromised. But the latest Windows security update goes a little extra to keep you safe. According to Microsoft, those who install the latest security updates will see previews in Explorer automatically disabled for downloaded files.

For what? According to the support page (spotted by Bleeping Computer), this is because there is a hash leak vulnerability. So, thanks to Microsoft, your breakfast plan will be noticeably tidier now that… oh, wait, no, it’s a vulnerability where an NTLM hash leak can occur if users preview files containing HTML tags (such as , , and so on) referencing external paths. » This could allegedly be used to capture “sensitive credentials.”

Mark of the Web metadata indicates that a file was downloaded from the Internet, which means Windows Defender will give it a little extra attention. If you try to immediately preview a downloaded file, you will receive the following alert message:

The file you are trying to preview may damage your computer. If you trust the file and the source you received it from, open it to view its contents.

To disable this feature after the October 14, 2025 update, you will need to right-click the file, click “Properties”, then “Unblock”. This will need to be done for each file, and it may not take until you log back into Windows.