Windows 11 KB5094126: Microsoft’s desktop.ini hardening causes some folder icons to disappear

Windows has once again found a way to turn a security enhancement into what appears to be a minor inconvenience for its users. Following the June 2026 update, reports have emerged indicating that custom folder icons and localized folder names are no longer displaying as they typically would. Microsoft has clarified that this is not a mere glitch but rather an intentional modification. This change pertains to security updates released from June 9, 2026, onward, specifically including KB5094126 for Windows 11 versions 24H2 and 25H2, which advance the systems to builds 26100.8655 and 26200.8655, respectively. The update has tightened the handling of the desktop.ini file, a key player in folder customization.

What desktop.ini actually does

The desktop.ini file is a longstanding yet understated feature within Windows that allows for folder customization. It enables users to define custom folder icons, specify display behaviors, and set localized names. This file is commonly found in various customized folder structures, including software packages, network shares, downloaded archives, synchronized folders, and company-specific repositories. With the recent update, Microsoft has not altered access to the actual files; affected folders remain intact, undamaged, and unlocked. The real issue lies in how these folders are presented in File Explorer. Consequently, a folder may revert to its default icon or display its original directory name instead of a customized or translated label. While this may seem superficial, it can have significant implications in larger environments.

For those working with localized folder structures, template packages, rollout archives, or network drives, the update might initially create confusion, leading users to believe that an application has lost its organizational integrity. In reality, Windows is simply refusing to process the presentation instructions contained within the desktop.ini file. Microsoft has identified several sources that may be deemed untrusted by Windows, including files downloaded from the internet with a Mark of the Web, copies from specific remote sources such as WebDAV or HTTP-based locations, and network paths not classified as Intranet or trusted zones. This marks a subtle yet important shift in how Windows manages trust, particularly concerning desktop.ini files, which, while seemingly harmless, can influence the display in Explorer. Such mechanisms can be exploited in attacks, potentially misleading users by altering folder appearances or names.

Microsoft advocates for a more secure approach by designating trusted internal sources. When these sources are properly classified, Windows will continue to process desktop.ini files from them. Alternatively, organizations can restore previous behavior through policy adjustments. However, Microsoft recommends the trusted-sources method to maintain enhanced protection for other locations. For private users, this change may primarily manifest as a sudden return to the standard yellow folder icons or the disappearance of translated names, which, while visually unappealing, typically does not disrupt functionality. Users are encouraged to verify the origins of their files rather than hastily disabling protective measures.

In enterprise settings, the implications are more pronounced. Network drives, template folders, software distribution points, and document archives could be impacted if these storage locations are not accurately classified as trusted by Windows. Administrators are advised to ensure that internal sources are correctly categorized through zone policies, Intranet classification, or Trusted Sites. It is crucial to understand that KB5094126 addresses more than just the desktop.ini issue; it also includes current security fixes and enhancements from the previous month’s optional preview. However, the desktop.ini modification is likely to be the most noticeable change in daily operations, as it directly alters the familiar folder view.

In essence, Microsoft is implementing a technically sound security measure that, from a communication standpoint, resembles a display error. For everyday users, this primarily results in frustration, while for administrators, it serves as a reminder to thoroughly assess legacy convenience mechanisms within network and distribution frameworks. Not every missing folder icon signifies a problem, but sometimes, such small visual cues can indicate that Windows is in the process of reorganizing its trust logic.

Winsage
Windows 11 KB5094126: Microsoft's desktop.ini hardening causes some folder icons to disappear