Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Disable SmartScreen AppRep based warnings for specified file types on specified domains
Supported versions
- On Windows since 118 or later
Description
You can enable this policy to create a dictionary of file type extensions with a corresponding list of domains that will be exempted from SmartScreen AppRep warnings. For example, if the "vbe" extension is associated with "website1.com", users would not see a SmartScreen AppRep warning when downloading "vbe" files from "website1.com", but may see a download warning when downloading "vbe" files from "website2.com".
Files with file type extensions specified for domains identified by this policy will still be subject to file type extension-based security warnings and mixed-content download warnings.
If you disable this policy or don't configure it, files that trigger SmartScreen AppRep download warnings will show warnings to the user.
If you enable this policy:
- The URL pattern should be formatted according to https://go.microsoft.com/fwlink/?linkid=2095322.
- The file type extension entered must be in lower-cased ASCII. The leading separator should not be included when listing the file type extension, so "vbe" should be used instead of ".vbe".
Example:
The following example value would prevent SmartScreen AppRep warnings on msi, exe, and vbe extensions for *.contoso.com domains. It may show the user a SmartScreen AppRep warning on any other ___domain for exe and msi files, but not for vbe files.
[ { "file_extension": "msi", "domains": ["contoso.com"] }, { "file_extension": "exe", "domains": ["contoso.com"] }, { "file_extension": "vbe", "domains": ["*"] } ]
Note that while the preceding example shows the suppression of SmartScreen AppRep download warnings for "vbe" files for all domains, applying suppression of such warnings for all domains is not recommended due to security concerns. It is shown in the example merely to demonstrate the ability to do so.
Supported features
- Can be mandatory: Yes
- Can be recommended: No
- Dynamic Policy Refresh: Yes
- Per Profile: Yes
- Applies to a profile that is signed in with a Microsoft account: Yes
Data type
- Dictionary
Windows information and settings
Group Policy (ADMX) info
- GP unique name: ExemptSmartScreenDownloadWarnings
- GP name: Disable SmartScreen AppRep based warnings for specified file types on specified domains
- GP path (Mandatory): Administrative Templates/Microsoft Edge/SmartScreen settings
- GP path (Recommended): N/A
- GP ADMX file name: MSEdge.admx
Example value
[{"domains": ["https://contoso.com", "contoso2.com"], "file_extension": "msi"}, {"domains": ["*"], "file_extension": "vbe"}]
Registry settings
- Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge
- Path (Recommended): N/A
- Value name: ExemptSmartScreenDownloadWarnings
- Value type: REG_SZ
Example registry value
[{"domains": ["https://contoso.com", "contoso2.com"], "file_extension": "msi"}, {"domains": ["*"], "file_extension": "vbe"}]
Expanded example registry value
[
{
"domains": [
"https://contoso.com",
"contoso2.com"
],
"file_extension": "msi"
},
{
"domains": [
"*"
],
"file_extension": "vbe"
}
]