Microsoft Blocks Windows File Previews Over Security Fears
Microsoft has quietly disabled file preview capabilities for internet-downloaded documents in Windows 11, citing vulnerability to credential theft. The change affects files with the “Mark of the Web” attribute and represents the latest in a series of security moves this month. Security analysts suggest the blanket approach might inconvenience legitimate users while addressing a specific NTLM hash leakage risk.
Microsoft appears to be taking a scorched-earth approach to a specific Windows security vulnerability, with reports indicating the company has disabled file previews for all internet-downloaded documents. The change, which reportedly took effect October 14, automatically blocks File Explorer’s preview function for any files bearing the “Mark of the Web” attribute—Microsoft’s method for flagging content obtained from online sources.