Do not apply the Mark of the Web tag to files copied from insecure sources

Supported OS tags: Windows10, Windows10RT, Windows11, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2012, WindowsServer2012R2, WindowsServer2016

This policy setting determines the application of the Mark of the Web tag to files sourced from insecure locations. If you enable this policy setting, files copied from unsecure sources will not be tagged with the Mark of the Web. If you disable or do not configure this policy setting, files copied from unsecure sources will be tagged with the appropriate Mark of the Web. Note: Failure to tag files from unsecure sources with the Mark of the Web can expose users’ computers to security risks.

This policy has no additional user input fields.

• User
  Allow only per user or approved shell extensions

  At least Windows 2000
• Computer
  Allow the use of remote paths in file shortcut icons

  At least Windows Server 2012, Windows 8 or Windows RT
• Computer
  Configure Windows Defender SmartScreen

  At least Windows Server 2012, Windows 8 or Windows RT
• ComputerUser
  Disable binding directly to IPropertySetStorage without intermediate layers.

  At least Windows Vista
• User
  Disable Known Folders

  At least Windows Server 2008 R2 or Windows 7
• User
  Display confirmation dialog when deleting files

  At least Windows Server 2003 operating systems or Windows XP Professional
• User
  Display the menu bar in File Explorer

  At least Windows Vista