Cursor installer and updater are generating files in temp directory which are blocked by smartscreen. Normally, we’re able to unblock, but are unable to do now as new files are generated each time. This is new, it worked ok previously up to ± last week.
Steps to Reproduce
Enable smartscreen and attack surface detection rules, try to install cursor.
Expected Behavior
Cursor should not create temp files in the user’s directory, and not clean them up every time.
Hey, thanks for the report. This looks like a Windows Defender SmartScreen issue that has recently affected some users. Temp files created during installation or updates can trigger the security filters.
What to try:
Temporarily disable SmartScreen during installation: Windows Security > App & browser control > Reputation-based protection settings > turn off “Check apps and files”
Add an exclusion for the Cursor installation folder and the temp folder in Windows Defender
Disabling SmartScreen temporarily during installation is not feasible in corporate settings. Adding an exclusion for the Cursor temp folder is also inadvisable due to security risks.
This is a Cursor issue, not a Windows Defender problem, as the temp file, an unsigned PE executed by the installer, triggers the block (as it should).
