Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect your system.
This article describes a change in behavior when you download an executable file or an add-in program by using Microsoft Internet Explorer or by using Microsoft Outlook Express on a computer that is running Windows XP Service Pack 2 (SP2). We recommend that you use Method 1 to unblock the publisher, and then try to save or run the file that you downloaded. We do not recommend that you lower your security settings on your computer, as described in Method 2.
When you try to run an executable (.exe) file or an add-in program that is downloaded by using the version of Microsoft Internet Explorer that is installed with Microsoft Windows XP Service Pack 2 (SP2) or the version of Microsoft Outlook Express that is installed with Windows XP SP2, you cannot run the executable file or the add-in program.
This behavior may occur on a computer that is running Windows XP SP2 if the executable file or the add-in program is blocked because it has signature that is not valid.
To work around this behavior, use one of the following methods:
Method 1: Unblock the publisher
You can unblock a publisher by using the Manage Add-ons feature in Internet Explorer.
Note The publisher is the signer of an add-in program.
Important Use this method only if you trust the publisher of the executable file or add-in program.
In Internet Explorer, click Tools, and then click Manage Add-ons.
Click the name of the add-in.
Take one of the following actions:
Click Update ActiveX to replace the add-on with the current version.
Note This option is not available for all add-ins.
To enable an add-in, click Enable, and then click OK.
To disable an add-in, click Disable, and then click OK.
Method 2: Allow the installation of ActiveX controls that do not have valid signatures
Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.
In Internet Explorer, click Tools, and then click Internet Options.
On the Security tab, in the Security level for this zone area, click Custom Level.
Click Allow installation of ActiveX controls that have invalid signatures.
Note When a signature is not valid, you cannot trust that the publisher is asserting a truthful identity. We do not recommend that you allow the installation of ActiveX controls that do not have valid signatures because of the additional risk that doing this may introduce to your computer.
This change in behavior in Windows XP SP2 helps bring consistency and clarity to the experience of downloading files and code to computers. The publisher check provides very important information. When a signature is found in an executable file or in an add-in program, it provides a systematic way to prevent files that are from suspicious or unidentified publishers from compromising the security of a computer.