Skip to Content

How can I safely turn on file previews again for downloaded documents in Windows?

By: Author Alex Lim

Posted on

Categories Windows

Home » Microsoft » Windows » How can I safely turn on file previews again for downloaded documents in Windows?

Why did the latest Windows update stop my file previews and how can I fix it?

The October 2025 Windows security update changed how File Explorer handles previews. This was not a mistake. Microsoft made this change on purpose to keep your computer safe. When you download a file from the internet, Windows now adds a special tag to it called the “Mark of the Web” (MotW). This tag tells your computer the file came from an outside source.

Because of the new update, File Explorer will not show a preview for any file with this MotW tag. You might see a warning that the file could be unsafe. This is because attackers could create special files that, when previewed, might try to steal your login information, known as NTLM hashes. By blocking the preview, Windows prevents this type of attack. Uninstalling the update is not a permanent fix, as the change will return in future updates.

You have several ways to get previews working again for files you trust.

Enable Preview for a Single File

If you are sure a specific downloaded file is safe, you can remove its internet tag.

  1. Right-click the file and choose Properties.
  2. On the General tab at the bottom, look for a security message.
  3. Check the box that says Unblock.
  4. Click OK. File Explorer should now be able to show a preview of that file.

Solutions for Files on a Network

For files stored on a network drive, an administrator can tell Windows to trust the entire location. This is often better than unblocking files one by one.

Use Internet Options

You can add the network location to your trusted zones.

  1. Open the Control Panel and go to Internet Options.
  2. Click the Security tab.
  3. Select either Local intranet or Trusted sites.
  4. Click the Sites button.
  5. Add the address of your network share (for example, \\servername).

Use Group Policy (GPO)

For system administrators managing many computers, a Group Policy is the most efficient method.

  1. Open the Group Policy Editor (gpedit.msc).
  2. Go to Computer Configuration\Policies\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\.
  3. Find and open the policy named Site to Zone Assignment List.
  4. Enable the policy and add the file server paths you want to trust.

Other Methods

A couple of other workarounds exist for specific situations. One method involves moving files to a USB drive formatted as FAT32, because that older file system does not support the MotW security tag. Another advanced solution involves editing the Windows Registry directly, which should only be done if you are comfortable with the risks.