IE7 - Publisher Could Not Be Verified

After installing IE7 I started getting greeted by a series of dialogs with the title "Open File - Security Warning" and the message "The publisher could not be verified - Unknown Publisher". The message also mentioned that the application did not have a valid digital signature.

What's interesting about this is that Firefox is set as my default browser and furthermore, neither IE7 nor any other web browser were open when I was getting these warning dialogs. This was happening immediately after logging in, while the applications in my system tray were being loaded.

It turns out that some of the applications I run are stored on a mapped network drive.

I searched extensively on Google and I tried a lot of suggested solutions, but none worked. Finally, I found this solution and it did work. I am reproducing it below. Thanks eatyummypuppies.

"The publisher could not be verified" prompt running executable from network
Sunday, June 25, 2006 at 11:40 am
Windows Vista Annoyances Discussion Forum
Posted by eatyummypuppies (1 messages posted)

This isn't a question but a tip. I feel the need to post it somewhere because I've been looking for the answer (half-ass-edly) for years. (I finally just figured it out on Vista, but I'm sure it applies to XP SP2 also.)

Running XP SP2 or higher, you try to run an executable located on another machine on your network. Your accosted with a prompt: "The publisher could not be verified". You are forced to confirm that you wish to run this program... every time you run it.

Run gpedit.msc

Go to User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager

Add "*.exe" to the "Inclusion list for moderate risk file types" setting.

"This policy setting allows you to configure the list of moderate risk file types. If the attachment is in the list of moderate risk file types and is from the restricted or Internet zone, Windows prompts the user before accessing the file. ..."

In other words, this allows you to run an .exe from the Intranet zone without a prompt, but it will warn before running one from the Internet.

(If you Google, a lot of people are instructing to add *.exe to the list of low-risk file types, allowing .exe files to execute from anywhere on the internet. A lot of other solutions that simply don't work are floating around as well.)


Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

We are running an executables from the network and all that is done is in the Security setting for the Local Intranet - Sites, uncheck "Auto.... detect intranet network" and that stop the pop up security warning. Of course we are on a Novell network and maybe that is why this works.scott

I see this works for Trend's OfficeScan product, allow an exception for PccNTmon.exe & it does not propmpt anymore at startup.Perhaps not the best solution; but it's what we have to work with on the Trend product.

worked great!

You can also Internet Options/Security/Local internet/Sites/Advanced and add file://systemname where systemname is equal the local server that runs the application and and file will now run off of that server.

Thanks for all the comments everyone!Dave

Thanks for posting this excellent tip.

For me the setting is lost whenever I reboot. How do you save it or keep it permanantly?We have a Novell network and the above posting didn't work here.Frank

Excellent, thanks for addding this info, it worked!

publisher could not be verified

My computer got rebuilt recently and I am running Windows/XP home with sp2 and just upgraded to IE7 as part of the upadtes. I keep getting this message which stops me installing all the things I had before from the internet. I have even tried to uninstall IE7 but no luck.I can not run GPEDIT.MSC from Start/Run. I get message Can not find file. Can anyone help please?

THANKS!!!! This worked like a charm for me. I REALLY appreciate it.

swvonhol proposed solution worked as charm

Found this article when searching for a similar problem -- Firefox 3 now stores the same zone information in the exe files you download, so once I've downloaded an executable, and it's stored on a local drive, I get the "publisher could not be verified" prompt.When I went into the Group Policy Editor (XP SP3), I noticed that a bit below the Inclusion List settings, is an item "Do not preserve zone information in file attachments."Since I'm running the file locally, not even from a network location, and I downloaded it manually, I don't need to be warned every time I open it that it might be dangerous -- this seems to have done the trick for me, and I hope I can help someone else who stumbles across this article.

thank you, guy


What if Attachment Manager doesn't exist? I don't see it in the group policy editor.