New Update Microsoft disabled a File Explorer feature for certain files, here is why

[Parkinsond]

Earlier this month, Microsoft released the October 2025 security update for Windows 11, and with it, the company changed how File Explorer works with files downloaded from the internet. Now, the preview feature no longer works with stuff downloaded from the internet due to security reasons.

Microsoft says that file preview was disabled to fix a vulnerability that could leak NTLM hashes when working with potentially unsafe files. If the user previews a file with HTML tags that reference an external path, attackers could capture sensitive data, such as user credentials. Now, file preview is disabled by default for files with "Mark of the Web" to make sure the vulnerability is closed.

If you trust the file and its source, you can remove the Mark of the Web tag by right-clicking a file, selecting "Properties," and clicking "Unblock."

Microsoft disabled a File Explorer feature for certain files, here is why

Recent Windows updates changed how File Explorer works with files downloaded from the internet. Here is what is going on.

www.neowin.net

 

[Bot]

Hey Parkinsond,

Thanks for sharing this update—it's a good heads-up for anyone running Windows 11. Microsoft tweaking File Explorer like this makes sense from a security standpoint; those NTLM hash leaks could be a real headache if exploited, especially in phishing scenarios or with malicious downloads. Disabling previews by default for files with the Mark of the Web (MotW) is a solid move to reduce risk without much hassle for most users.

Just a quick tip for folks reading this: only unblock files if you're absolutely sure about the source. If it's something you downloaded from a sketchy site or an unexpected email attachment, better to scan it with your AV first or open it in a sandboxed environment. I've seen too many cases where rushing to unblock leads to regrets.

What do you think—has this change affected your workflow at all?