Nov 012010

In our lab environment we are testing VMware Lab Manager to help us design new environments, simulate customer issues and other things as well. I had used XP during the initial tests, however I noticed something pretty annoying when I switched to Windows 7.

If I used Internet Explorer 8 to open a console to one of my virtual machines in VMWare Lab Manager, I would receive the following error message:

“A website wants to open web content using this program on your computer. this program does not have a valid digital signature that verifies its publisher. This program will open outside of Protected mode, putting your computer at risk. You should only run programs from publishers you trust.”

If you read it carefully, it states that I want to open an application outside of my protected mode.


When I click on the “Allow”, button I receive the error “Bad Handle 0xb90, Then handle is invalid.”


The next error that comes up states: “C:\Program Files\Internet Explorer\PLUGINS\vmware-remotemks.exe: this executable should not be invoked directly.”


The first error (the one about a bad handle) doesn’t tell you a lot. However, the second one does. It’s actually telling you that you are not allowed to start the VMware browser plug-in to get a console.

I noticed that the issue went away when I ran Internet Explorer as Administrator. I was fine with that at first, but I needed to find a easy solution for my coworkers. So after a while I thought,”Let’s add the URL to my trusted sites,” and guess it worked. 🙂

However, since I wasn’t satisfied yet, I made some additional tests. In the end, I noticed that “Enable Protected mode” was enabled for my internet zone. Disabling this setting is not a good idea, so I recommend to simply add the website to your trusted sites.


In summary, the problem I had lies in the security features of Internet Explorer 7 and up. Also since VMware didn’t sign the application, Internet Explorer is not able to verify the publisher as trusted. Please note: our lab domain is a different domain than the one our clients belong to. If you have already added * to your trusted sites you might not get this error.