Sometimes when I launch a downloaded program exe/msi, I get "Executable files may contain viruses...". Why this message for some programs and not others???
I get the following message when launching after downloading a program: "***.msi is an executable file. Executable files may contain viruses or other malicious code that could harm your computer. Use caution when opening this file. Are you sure you want to launch “***.msi”?
- .msi is my company's product. This message does not appear for other programs I have downloaded and launched. Why is this warning inconsistent in that it targets my program but not others?
Additional System Details
- User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
From what I understand it's Microsoft's way of making sure there are no scripts, installers, executable files running in the background without first being given consent from the user due to the fact that they could be malicious in nature.
I believe that there is a way to bypass this by forcing MSI's to install in administrative mode.
Hope this helps.
Modified by WMagicModel
To clarify, Firefox generates the warning message not Microsoft. The message pop-up can be reproduced by: 1) Use Firefox to download a msi/exe. 2) Click the Firefox download icon to show a list of downloaded file(s). 3) Click the msi/exe file entry in the list. This produces the Firefox popup warning. (Note that Microsoft generates their own pop-ups subsequently, which are clearly documented by Microsoft).
The msi in question is signed and timestamped using a trusted certificate authority. Other msi/exe files I downloaded and launched from other websites did not generate the Firefox warning. So it looks like Mozilla has a trust ranking that it applies based on popularity, since I don't get a lot of track on my website.
I am looking for clarification on why Mozilla selectively pops up that warning and what the criteria might be.
You get the 'fileExecutableSecurityWarning' warning when you try to open an executable instead of saving the file.
There is an override pref available, but it isn't recommended to override this security measure. The override pref is mainly meant for cases that you need to run a Java Web Start (JNLP) file and not for running an executable (.exe) file.
Modified by cor-el
Thanks, but in the case where an msi/exe file is opened, I'm trying to understand why Mozilla generates this warning for some msi/exe files and not others. It appears that Mozilla has a trust rating that determines which msi/exe gets that warning, possibly based on download frequency.
In my case, I am the author of a website with an msi that when downloaded generates the fileExecutableSecurityWarning. That msi is digitally signed by a Trusted Certificate authority as well as timestamped. Other msi downloads I've tried from popular websites don't generate that warning. I am looking for confirmation that Mozilla is selectively applying that warning and to try to understand their criteria.
I do understand that the warning is not generated for saved files, and this question only applies to opening a downloaded file.