Search Console Security Issues — "Harmful downloads" / "Uncommon download"

What’s actually happening

Search Console's Security Issues report lists "Harmful downloads" or "Uncommon download," and Chrome warns or blocks users who try to download files from your site. "Harmful" means Safe Browsing classified a file as malware or unwanted software — that's serious and can suppress your listings with an interstitial. "Uncommon download" is milder: Safe Browsing simply hasn't seen the file before and warns until it builds reputation, then clears on its own. Both can come from files you host or from files on a domain you link to for download.

Common causes

• The site was compromised and now serves malware or a trojaned installer — the most urgent case.
• A legitimate installer is bundled with software Safe Browsing classifies as unwanted (toolbars, opaque bundlers, deceptive update prompts).
• You link to a third-party download URL that Safe Browsing has flagged, so the warning attaches to your site.
• A freshly published binary nobody has downloaded yet trips the "uncommon download" heuristic purely on novelty.
• Downloads that violate Google's Unwanted Software policy: misleading file names, missing disclosure of bundled software, or unexpected system changes.

How to fix it

1. Identify the exact flagged filesOpen Search Console > Security & Manual Actions > Security Issues and read which URLs/downloads are cited. Cross-check with the Safe Browsing site status page (transparencyreport.google.com/safe-browsing/search). If your site was hacked, scan the host for injected files and recently modified binaries first.
2. Remove or remediate the harmful filesDelete malware, replace trojaned installers with clean signed builds, and drop or fix any outbound links to flagged third-party downloads. If a file genuinely doesn't violate the download guidelines, you don't have to remove it — but you do have to be sure.
3. Bring downloads into policyMake installers disclose any bundled software, use accurate file names, sign your binaries, and serve them over HTTPS. Following Google's Unwanted Software policy is what stops the flag from coming back after review.
4. Request a security reviewOnce the files are clean, click Request Review in the Security Issues report and describe what you fixed. Reviews take a few days to a couple of weeks. For a plain "uncommon download," you can request review and otherwise wait — it usually clears automatically as the file gains downloads, unless it actually contains malware.
5. Verify the warning is gone in ChromeAfter the review passes, download the file in a clean Chrome profile and confirm no "this file is dangerous" prompt appears. Recheck the Safe Browsing status page too, since browser caches of the verdict can lag.