"The publisher could not be verified" prompt running executable from network

This isn't a question but a tip. I feel the need to post it somewhere because I've

been looking for the answer (half-ass-edly) for years. (I finally just figured it

out on Vista, but I'm sure it applies to XP SP2 also.)


Running XP SP2 or higher, you try to run an executable located on another machine

on your network. Your accosted with a prompt: "The publisher could not be verified".

You are forced to confirm that you wish to run this program... every time you run



Run gpedit.msc (its in Windows\System32)

Go to User Configuration >> Administrative Templates >> Windows Components >> Attachment


Add "*.exe" to the "Inclusion list for moderate risk file types" setting.

"This policy setting allows you to configure the list of moderate risk file types.

If the attachment is in the list of moderate risk file types and is from the restricted

or Internet zone, Windows prompts the user before accessing the file. ..."

In other words, this allows you to run an .exe from the Intranet zone without a prompt,

but it will warn before running one from the Internet.


(If you Google, a lot of people are instructing to add *.exe to the list of low-risk

file types, allowing .exe files to execute from anywhere on the internet. A lot of

other solutions that simply don't work are floating around as well.)