Creators Update 1703 & 1709: IE11 - Cannot run a batch file from internal SharePoint.

Won’t fix Issue #14316100


Oct 20, 2017
This issue is public.
Found in
  • Internet Explorer
Reported by 4 people

Sign in to watch or report this issue.

Steps to reproduce

Issue: Batch files (.bat) that live on a SharePoint server will not run on Windows 10 Enterprise x64 1703 & 1709. (Also, .lnk files that run a command.)

Setup: Shared document library contains a batch file. The batch file is then linked via a Link Webpart to allow a user to click on the link. The user is prompted to Run/Save/Cancel. If you click run, it does nothing (no cmd window at all). If you click save, the file saves. If you click save, then press "Run", the view downloads window displays the “This program couldn’t be downloaded.”

Use Case: (because you’ll ask): We use batch files to point to scripts in netlogon so if the logon script didn’t kick off properly due to timing, We also use them for on-demand printer installations. Yes, I’m aware of other technical solutions to these use cases. I’m looking for solutions for IE.

Micro details:
You can download them, find them in file explorer, and run them just fine.
Google Chrome will download and run them from the browser with no issues.
Microsoft Edge will download and run them from the browser with no issues. (including the .lnk files)
I also tested a fresh build off domain (OOB Setup) from the VL 1703 iso and the same behavior exists.
Monitoring with ProcMon doesn’t give me any useful results or hints.
This problem also exists with .lnk files which call powershell.
Other versions of Windows 10 don’t have this problem (1605,1511). It has been working for over 10 years across many versions of IE.
This is not an AV/Windows defender issue (tested with all of these features off via GPO).
This is not a UAC issue.
This is not a network connectivity/unc path issue.
The website is in zone 1. No enchnaced protected mode.
The file extensions are listed as LowRiskFileTypes in GPO.
It is not the call to powerhsell.exe nor cscript.exe causing the problem (see reproduce procedure below).

Macro details:
Microsoft recently killed VBScript and looks to be actively killing it in future updates to IE. Originally the batch files would run a .vbs logon file. I rewrote them as powershell hoping that the browser was blocking the execution because they were VBS – no go – same behavior.
Here is a link from Microsoft:

To reproduce & Test:
Create a simple batch file with the following commands:
echo “Hello”
Upload it to sharepoint document library (on prem in my case)
-Click on it and try to run it. = Does nothing.
-Save it and run it from the save location. = Works fine.
-Save it and click ‘run’ from ‘view downloads’ window. = Does nothing + Error described in “Setup” above.

Closing remarks:
Again, chain of events: Batch file works from IE11, upgrade to 1703, batch file doesn’t work from IE11.
I would consider other options under the thinking that MS has made a security change in IE11, however because Edge continues to support the behavior, I’m in the boat that this is a probably a bug. I’m posting this as there is nothing out there in the greater web at this time about this issue.


0 attachments

    Comments and activity

    • Also worth noting that IE 11, when you click on a .bat file link to download - IE 11 is now automatically changing the file name from SomeName.bat to SomeName_bat. That seems odd and intentional on MS’s part.

      Edge browser runs the .bat file extension without issue.

    • Microsoft Edge Team

      Changed Assigned To to “James M.”

    • Hello,

      Thank you for providing your feedback on IE11. We are not accepting feedback on Internet Explorer through this portal any longer (unless security related).

      If this is blocking enterprise deployment, please follow the CSS escalation process to engage MS support (GES, General Escalation Service) and file a servicing request.

      Support URL:

      Best Wishes,
      The MS Edge Team

    • Microsoft Edge Team

      Changed Status to “Won’t fix”

    You need to sign in to your Microsoft account to add a comment.

    Sign in