New Windows Defender download hurdles

Not sure whether this problem belongs into the Development section, but it definitely affects developers trying to present ParaView custom applications for download (after wrapping them with a “superbuild”).

Once the user downloaded an installation package with the “Edge” browser, he will see a message instead of a confirmation:

nnn.exe isn’t commonly downloaded.
Make sure you trust nnn.exe before you open it.

At this point it is indeed possible to “trust” the download and explicitly “keep” it - but it is far from intuitive and involves MANY clicks that you really need to know!

I see now that it does not happen if I download e.g. the latest installation package for ParaView, so I am asking myself how you did that trick?

Actually there is an option to report a download link as ok, but I did not see any such thing that would do it directly for all downloads coming from my website: If this is the way you are going - are you really doing it for each and every download that you put on your website?

maybe @vbolea or @cory.quammen knows.

Starting with ParaView 5.10.0, we are signing ParaView windows .exe installers with Kitware’s signing key for Windows. I don’t know the technical details, but that has removed the scary warnings that Windows would show when installing from the .exe. Doing the same may tell Edge to not make that complaint, but that’s just a guess on my part.

1 Like

That is not doing the trick: I am signing my softwares already since a couple of years, which facilitates the installation process inasfar as the user does not get a warning that he is installing things from “unknown”, but it does not remove the complaint during the download!

Anyway, somebody within your company must know the trick, because actually it does not happen if I download PV 5.10. Maybe I should test myself downloading earlier versions, or very old ones, because if it is a thing that needs to be done for every single download link, then maybe nobody would have done it all the way down till the earliest versions…

I am also noticing that firefox is blocking downloads of the normal ParaView 5.10.1 exe install on Windows. If you go into the download page, you can say retry, and that works. My guess is it doesn’t have to do with ParaView (or your custom ParaView install), but rather antivirus’ becoming more cautious, or the web browser becoming more cautious.


nnn.exe isn’t commonly downloaded.
Make sure you trust nnn.exe before you open it.

“Commonly” implies that there is some sort of metric counting downloaded executables in Windows machines. Maybe there is some telemetry in windows that reports this and maybe this warning occurs to the first N downloads of any given executable exe package.

You actually find there also an option: “Report this file as safe”. Following this brings you to a Microsoft-Webpage where you can enter information about your webite, company and whatever. Afterwards you get a “Thank you for reporting” - and no further “promise”.

I tried that today, and after a couple of days I will see whether things are changing…

Otherwise I felt like I have to prepare a document that instructs the users how they can get through this mess, because it is so much unintuitive that I fear people will simply not any more get there!

It is of course clear that malware is a threat, but with this kind of “functionality” I see also kind of a “FUD campaign” to discourage users from using free software and software from small providers. I could imagine much more transparent ways to really fight malware that are not scaring off the users, but treat them as grown up people and clearly instruct about real dangers and what they can do about it.

However, that is a general rant only: As providers we have to somehow deal with the situation as it is.

PS: I find the remark of Walter Scott interesting: Also Firefox does such blocking, and it does it with PV 5.10 which I just found to be NOT blocked with the “Edge” browser! Looks thus like not only Microsoft is doing something, but other providers as well.

PPS: This is a PDF document that I generated in order to explain the procedure for users. I did not upload it yet on my website: For me this whole procedure is still far too complicated and I wish I can spare my users from going through all this nonsense!

Explanation Download Windows.pdf (150.1 KB)