malware risk

Hi - my organisation will not consider purchasing Knime, even though it looks perfect for the large data validation task we have. They say

‘Sorry – Knime has failed the software approval. It tries to launch executables from an illegal part of the drive – the sort of place that malware likes to run from’


‘The developers of this software have not followed the rules for where executables should run from following the malware explosion around Wannacry.’

Can anyone comment?



Can you be more specific about what exactly the problem is? What is an “illegal part of the drive”, for example?


They wrote…‘tries to run executables from the Appdata folder which is a restricted area’

Is that correct?

There are some extensions which rely on native executables. These are extracted into a temp directory and then run from there. I’m not familiar with Windows, but it’s possible that the temp directory for KNIME Analytics Platform is by default in the AppData folder.

I work for a small government dept. If it fails a security check here, it will fail the same security check in every other government dept - inc. the bigger and more important ones. Surely not good for Knime business?

KNIME Analytics Platform is being used by tens of thousands of users including large companies and government agencies. Nobody has complained about this so far.
If your IT department could be more specific about what exactly is the problem (i.e. which executable is being started from which exact location) is we may have a look.


ok. thanks. I’ll pass on the message.

It’s the Appdata directory that is the issue .Appdata is a common target for malware because it is a writable directory that is accessible by the user. If you download and execute an executable file from the Appdata folder, it could potentially be a malicious program that can infect your system with malware or viruses.

Let the it department install it locally on your system if they don’t allow it the way you tried

That still doesn’t answer the question what exact executable is supposedly started from the AppData folder.


They are being a bit vague. I am more interested in this than they are. But I’ll try again to find out

But also, shouldn’t you know if something runs from there and what it is?

@dbocquet question would also be if you have this issue with the base knime installation or after adding 3rd party extensions.

Like @thor said, with 3rd party extensions this might be more often the case e.g. for my selenium nodes the selenium driver is execute from the app data folder if that is your systems temp folder. (But nothing to be done about that if a browser automation is needed from within Knime)

But if your IT does not like it, then maybe try if you have any issues without any extension installed. Maybe that will resolve your issue already :slight_smile:


Hi guys,

MAYBE it can be more productive if you just download the zip file from knime and use it into other drive/folder, because knime won’t use the appdata folder as a full application process usual for windows systems… can you try to use it as just a standalone application? Could it solve this problem for all?

*** FYI: a standalone zip file will works as a full installation and will bring all updates and extensions normally



I’d love to but if the tool doesn’t pass the security check it cannot be installed anywhere at all. I have no option for alternative installation.


OK, I just said that almost applications use this folder to save settings, some file registration codes and more… IF you can use other settings for it, it’ll pass for your IT, just saying that would not be necessary to use the appdata as default, and can pass throw the complaince TI understand.

Many dummy programs and systems use it, but can be internal political process to allow or not for you only… sorry about it because the tool is very powerful and can bring some great results for the company… try to talk to them about it… I hope that they understand and let you use it.



1 Like

Good news. IT have decided knime is safe and have installed it for me!


Great news!!! Now let’s rock… lol



This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.