Resolved -
As per the Market Communication, reference: 2025/046 which was published on 10 November:
Recommended action for users of IMR ‘Document Cart’ function in EDGE ‘IE Mode’
Further to Market Communication 2022/060 regarding the use of IE Mode for legacy applications and following our recent Status Page updates regarding file download issues caused by a Microsoft Windows 11 update, Velonetic is issuing this Market Communication with advice from DXC, to provide the final, permanent resolution for a subset of IMR users who have been utilising the temporary workaround advised on the Velonetic Status Page.
Important note on scope
DXC has received a small number of customer queries regarding this issue and believe the impact is limited. This guidance is relevant only for technical support teams supporting end users who were recently forced to use the temporary "Save then Open" file workaround. If you are not impacted and have not used the workaround, you can disregard this message. DXC would be grateful if affected users could help pass on the message to the appropriate technical contacts within their own organisation.
Identifying impacted users
This issue only affects users accessing IMR via IE Mode. Users are operating in IE Mode if they see the small blue 'e' icon in the address bar when navigating to the IMR (at repository.xchanging.com).
Investigation outcome and causal factor
DXC has worked closely with Microsoft's product team regarding the hang or indefinite security scan loop experienced when attempting to open downloaded files in Edge IE Mode following the installation of the Windows 11 cumulative update, KB5065426. This update, released as part of the September 2025 “Patch Tuesday” for Windows 11 Version 24H2, is the direct causal factor.
The investigation has confirmed that this behaviour is not a defect, but an intentional design change by Microsoft. SmartScreen functionality has been deliberately disabled in Internet Explorer (including IE Mode) for trusted intranet sites to improve security posture and performance.
Microsoft's position is that IE Mode is intended only for trusted, enterprise-configured applications and that file protection is now provided through the standard Mark-of-the-Web (MOTW) scans in the Windows Shell for files downloaded from these trusted sites. The temporary workaround of "Save then Open" has confirmed this bypasses the issue, but the required configuration change detailed below is the permanent fix.
Recommend action for affected users
As the observed behaviour is now confirmed as an intentional change, the only permanent resolution is to implement the following configuration update to explicitly disable the redundant SmartScreen check within IE Mode for your trusted London Market sites.
Technical teams may apply the following configuration to all relevant end-user machines:
1. Ensure the IMR URL is in the Trusted Sites List:
- Confirm that *.xchanging.com (or the specific IMR URL) is included in the user's Trusted Sites zone within Internet Properties. This is a prerequisite for the next step.
2. Set "Use Windows Defender SmartScreen" to Disable
The steps to implement this setting are:
1. Open Internet Properties (e.g., via Control Panel or running inetcpl.cpl).
2. Navigate to the Security tab.
3. Select Trusted Sites and click the Custom Level... button.
4. Scroll down to the setting "Use Windows Defender SmartScreen".
5. Select the Disable radio button.
6. Click OK and apply the changes.
DXC recommends that this change should ideally be managed and deployed across your organisation via Group Policy Object (GPO) or equivalent configuration management tooling.
This configuration has been extensively tested internally by the Velonetic BPS team and successfully restores normal file-opening functionality within IE Mode for IMR Document Cart users, removing the need for the temporary workaround.
Please contact the Velonetic IT Service Centre by email service.centre@dxc.com or call 0870 380 0830 if you have any questions about this communication.
Nov 11, 12:38 GMT
Update -
Our teams have continued work with Microsoft's product group to investigate this issue. As mentioned in yesterday's update this is now confirmed as expected behavior, resulting from a recent security update to how Microsoft Defender SmartScreen functions in Internet Explorer mode.
The temporary workaround of saving files to your computer before opening them remains a viable option.
However, for a permanent resolution, Microsoft has recommended a configuration change which we are now testing internally. Once this testing is completed early next week we will issue guidance via the Market Communications process and via a link on a final update to this status page.
As a reminder:
The workaround for affected customers is to 'Save' the document being downloaded, instead of opening it directly. Customers can then open the file from their Downloads area on their computer without issue.
A further update will be issued no later than 17:00 on Tuesday (30th September).
DXC apologises for the inconvenience and the impact being caused to our customer's operations.
Sep 26, 17:27 BST
Update -
Microsoft have identified the issue and confirmed this is expected behavior following the security update, we are meeting again tomorrow to discuss the options to resolution.
As a reminder:
Whilst we seek a solution from Microsoft, the workaround for affected customers is to 'Save' the document being downloaded, instead of opening it directly. Customers can then open the file from their Downloads area on their computer without issue.
A further update will be issued no later than 17:00 tomorrow.
DXC apologises for the inconvenience and the impact being caused to our customer's operations.
Sep 25, 18:25 BST
Update -
Microsoft are still working on a solution for this issue and we are meeting with them again tomorrow for a further update.
As a reminder:
Whilst we seek a solution from Microsoft, the workaround for affected customers is to 'Save' the document being downloaded, instead of opening it directly. Customers can then open the file from their Downloads area on their computer without issue.
A further update will be issued no later than 17:00 tomorrow.
DXC apologises for the inconvenience and the impact being caused to our customer's operations.
Sep 24, 16:21 BST
Update -
We have been working with Microsoft again today to help them collect more diagnostics information, and they are due to come back to us sometime tomorrow with the findings and recommendations.
As a reminder:
Whilst we seek a solution from Microsoft, the workaround for affected customers is to 'Save' the document being downloaded, instead of opening it directly. Customers can then open the file from their Downloads area on their computer without issue.
A further update will be issued no later than 17:00 tomorrow.
DXC apologises for the inconvenience and the impact being caused to our customer's operations.
Sep 23, 14:26 BST
Update -
Microsoft have confirmed the issue has been reported by other customers, and we are actively chasing them to confirm the next steps and a fix for this issue.
As a reminder:
Whilst we seek a solution from Microsoft, the workaround for affected customers is to 'Save' the document being downloaded, instead of opening it directly. Customers can then open the file from their Downloads area on their computer without issue.
A further update will be issued no later than 12:00 tomorrow.
DXC apologises for the inconvenience and the impact being caused to our customer's operations.
Sep 22, 11:19 BST
Update -
Our DXC technical team are continuing investigation into this issue with Microsoft, they have collected diagnostics and we are now waiting for them to confirm the next steps and hoping for a fix or further security update to be released.
As a reminder:
Whilst we seek a solution from Microsoft, the workaround for affected customers is to 'Save' the document being downloaded, instead of opening it directly. Customers can then open the file from their Downloads area on their computer without issue.
A further update will be issued no later than 12:00 tomorrow.
DXC apologises for the inconvenience and the impact being caused to our customer's operations.
Sep 18, 11:42 BST
Identified -
DXC has been made aware this morning of a small number of customers having issues downloading files, via Microsoft Edge, from either IMR or KnowledgeBase. We have traced this to a specific Microsoft security update that has been downloaded to customers' Window 11 machines, which was released in the last few days.
For the information of customers' technical teams, the Microsoft update is known as "2025-09 Cumulative Update for Windows 11 Version 24H2 for x64-based Systems (KB5065426) (26100.6584)".
Whilst we seek a solution from Microsoft, the workaround for affected customers is to 'Save' the document being downloaded, instead of opening it directly. Customers can then open the file from their Downloads area on their computer without issue.
A further update will be issued no later than 12:00 tomorrow.
DXC apologises for the inconvenience and the impact being caused to our customer's operations.
Sep 17, 14:32 BST