The Open File - Security Warning dialog box is displayed when you try to silently install a hotfix or an update by using a Visual Basic script in Windows XP Service Pack 2 (889815)

CAUSE

This problem may occur when you run a Visual Basic script that is similar to the following sample script to install a hotfix or an update that is downloaded from the Internet.

Note The following sample script installs security update MS04-038.

Set oShell = CreateObject("WScript.Shell")

oShell.Run "c:\temp\ms04-038\WindowsXP-KB834707-x86-enu /quiet /passive /norestart",0, True

Set oShell = Nothing

The update in this sample should install silently. However, the Open File - Security Warning dialog box is displayed because the update file is downloaded from the Internet and is therefore considered dangerous.

This behavior is new in Windows XP SP2 because of the addition of the Attachment Execution Services (AES). Every program that is run by using the ShellExecute() API passes through AES. AES considers the downloaded update file to be from the Internet Zone. Therefore, AESdisplays the Open File - Security Warning dialog box. AES examines the file to see whether the file has a file stream of the type Zone.Identifier. Then AES determines what zone the file is from and what level of protection to apply when the file is run.

WORKAROUND

To work around this problem, use one of the following methods.

Method 1: Change the SEE_MASK_NOZONECHECKS environment variable

Temporarily change the SEE_MASK_NOZONECHECKS environment variable to 1.

Note Do not use this as a permanent system environment variable because it will disable all Zone Checking.

To temporarily change the SEE_MASK_NOZONECHECKS environment variable so that you can silently install a hotfix in Windows XP SP2, use the following sample script:

set oShell= CreateObject("Wscript.Shell")

set oEnv = oShell.Environment("PROCESS")

oEnv("SEE_MASK_NOZONECHECKS") = 1

oShell.Run "c:\ms04-038\WindowsXP-KB834707-x86-enu /quiet /passive /norestart",0,True

oEnv.Remove("SEE_MASK_NOZONECHECKS")

Method 2: Use a command script

You can use a command script instead of a Visual Basic script to silently install a hotfix or an update. To do this, follow these steps:

Click Start, click Run, type cmd, and then click OK.
At the command prompt, type the following lines, and press ENTER after each line:
@echo off
c:\ms04-038\WindowsXP-KB834707-x86-enu /quiet /passive /norestart
After the installation is complete, type exit, and then press ENTER to close the command prompt.

MORE INFORMATION

Microsoft provides programming examples for illustration only, without warranty either expressed or implied, including, but not limited to, the implied warranties of merchantability or fitness for a particular purpose. This article assumes that you are familiar with the programming language that is being demonstrated and the tools that are used to create and debug procedures. Microsoft support professionals can help explain the functionality of a particular procedure, but they will not modify these examples to provide added functionality or construct procedures to meet your specific requirements. If you have limited programming experience, you may want to contact a Microsoft Certified Partner or the Microsoft fee-based consulting line at (800) 936-5200. For more information about Microsoft Certified Partners, visit the following Microsoft Web site:

http://directory.microsoft.com/resourcedirectory/Solutions.aspx

For additional information about the support options available from Microsoft, visit the following Microsoft Web site:

http://support.microsoft.com/default.aspx?scid=fh;[LN];CNTACTMS

The Open File - Security Warning dialog box is displayed when you try to silently install a hotfix or an update by using a Visual Basic script in Windows XP Service Pack 2 (889815)

SYMPTOMS

CAUSE

WORKAROUND

MORE INFORMATION