Applies To
Win 10 Ent LTSB 2016 Win 10 Ent LTSC 2019 Windows 10 IoT Enterprise LTSC 2021 Windows 10, version 22H2, all editions Windows 11 Home and Pro, version 22H2 Windows 11 Enterprise Multi-Session, version 22H2 Windows 11 Enterprise and Education, version 22H2 Windows 11 IoT Enterprise, version 22H2 Windows 11 SE, version 23H2 Windows 11 Home and Pro, version 23H2 Windows 11 Enterprise and Education, version 23H2 Windows 11 Enterprise Multi-Session, version 23H2 Windows 11 version 24H2, all editions Windows 11 version 25H2, all editions Windows 11 version 26H1, all editions Windows Server 2012 ESU Windows Server 2012 R2 ESU Windows Server 2016 Windows Server 2019 Windows Server 2022 Windows Server 2025

Original publish date: June 10, 2026​​​​​​​KB IB: 5103160

Introduction

After installing a Windows security update released on or after June 9, 2026, you might notice one or both of the following behaviors for some folders: 

  • A custom folder icon defined by desktop.ini no longer appears.

  • A localized folder display name defined by desktop.ini no longer appears, and the folder shows its original name instead.

This behavior might occur even when the user has not changed an application or folder configuration. ​​​​​​

New behavior context 

This new behavior is expected. Starting with the Windows security updates released on June 9, 2026, a security hardening change is introduced to desktop.ini handling. When Windows cannot establish that the source of a desktop.ini file is trusted, Windows ignores that file and treats it as if it is not present. However, desktop.ini files from trusted sources continue to work normally.

Examples of sources that Windows might treat as untrusted include: 

  • Files downloaded from the internet that carry Mark-of-the-Web (MOTW).

  • Files copied from certain remote locations, such as some WebDAV or HTTP-based locations.

  • Files on network paths that are not classified as intranet or trusted by zone policy.

What is not affected 

This change affects only desktop.ini driven folder presentation behaviors, such as custom icons and localized folder names. It does not affect access to the folder or the files inside it. 

Managing the new default behavior 

Option 1: Add the source to Trusted Sites (Recommended) 

If the affected content is stored on a known internal or managed source, add that source to the Trusted Sites list. Once the source is treated as trusted, Windows processes desktop.ini from that source normally. This keeps the protection in place for other locations and is the lower-risk option. 

Option 2: Use policy to restore previous behavior 

Organizations that need broader compatibility can enable the policy Allow the use of remote paths in file shortcut icons.Enabling this policy restores the pre-June 2026 behavior for affected remote or untrusted scenarios.

IMPORTANT Using a broad opt-out reduces protection against malicious remote folder-customization content. If you use a workaround, Microsoft recommends trusting only controlled internal sources and keeping trust settings as narrow as possible. ​​​​​​​

Option 3: Check for and remove the Mark of the Web (MotW)

If the desktop.ini file has a Mark of the Web (MotW), Windows may treat it as coming from an untrusted source and block customization. Verify whether MotW is present and, if appropriate, remove it from the desktop.ini file. This can restore expected behavior, but should only be done for trusted content, as it removes the associated security protection.

To remove the MotW tag, open PowerShell and run one of the following commands:

  • For a single desktop.ini file:

    Unblock-File "C:\Your\Folder\Path\desktop.ini"

  • For all desktop.ini files in a folder:

    Get-ChildItem "C:\Your\Folder\Path" -Recurse -Filter desktop.ini -Force | Unblock-File​​​​​​​

Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center