Microsoft Edge – Prevent Download of Unsafe Files Blocked by SmartScreen Filter

The SmartScreen Filter warns the user when running unrecognized programs or files downloaded from the internet. When you download files using Microsoft Edge, the file download is blocked if the source URL is blacklisted or the downloaded program fails the application reputation check by Microsoft SmartScreen filter.

However, Edge Chromium allows users to download the unsafe file regardless of the warning, by clicking on the “Keep” option in the Downloads flyout.

prevent unsafe files from being downloaded - edge policies

This article explains how to prevent users from downloading the ‘unsafe’ file on Microsoft Edge Chromium.

Prevent Download of Unsafe Files Blocked in Edge

For Microsoft Edge (Chromium)

Note: This setting is available only on Windows instances that are joined to a Microsoft Active Directory domain, Windows 10 Pro or Enterprise instances that enrolled for device management, or macOS instances that are managed via MDM or joined to a domain via MCX.

On standalone systems, Edge ignores this policy. Workaround for standalone systems is available at the following link. The trick is to add a fake MDM provider in the registry so that Edge will think that the Windows 10 computer is MDM-Managed.

Edge Policies for non-Domain-joined Devices – Gunnar Haslinger:
https://hitco.at/blog/apply-edge-policies-for-non-domain-joined-devices/
  1. Start the Registry Editor (regedit.exe)
  2. Go to the following key: 
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge

    (The above branch may not exist by default. You may need to create it manually.)

  3. Create a DWORD (32-bit) value named PreventSmartScreenPromptOverrideForFiles
  4. Double-click PreventSmartScreenPromptOverrideForFiles and set its data to 1
  5. Exit the Registry Editor.

In Windows 10 Pro and higher, you can configure the above setting via Group Policy Editor if you have added Edge ADMX files already. The above registry setting corresponds to the “Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads” GPO under the following branch:

Computer Configuration → Administrative Templates → Microsoft Edge → SmartScreen settings

If you enable this setting, your user account is blocked from downloading unverified or unsafe files blocked by the SmartScreen Filter. The setting applies to the current user account only. There is an equivalent per-system GPO under “Computer Configuration” branch, but that doesn’t seem to work as intended.

One small request: If you liked this post, please share this?

One "tiny" share from you would seriously help a lot with the growth of this blog. Some great suggestions:
  • Pin it!
  • Share it to your favorite blog + Facebook, Reddit
  • Tweet it!
So thank you so much for your support. It won't take more than 10 seconds of your time.

Ramesh Srinivasan is passionate about Microsoft technologies and he has been a ten-time recipient of the Microsoft MVP award in Windows Desktop Experience (Windows Shell), from 2003 to 2012. Ramesh founded Winhelponline.com in 2005.

...

3 thoughts on “Microsoft Edge – Prevent Download of Unsafe Files Blocked by SmartScreen Filter”

Leave a Comment