SP2 security problems

Does anyone have a link to a thorough explanation
of how to manage XP SP2 security for files?

I sent a zip to a friend, with VBS files inside.
He got a message that "some files were blocked"
when he extracted the zip, and the VBS files were
not extracted!
It appears that I need to understand
the various SP2 settings in order to dependably
send files to others. And now I'm also wondering
about downloaded zips with VBS inside. Is SP2
also hiding those from the user by default?
_____________________________

mayayXXana1a@mindYYspring.com
For return email remove XX and YY.
_____________________________

tlviewer
Wed Jan 26 08:43:59 CST 2005


"mayayana" <mayaXXyana1a@mindYYspring.com> wrote in message
news:0PMJd.7413$cZ1.2022@newsread2.news.atl.earthlink.net...
>
> Does anyone have a link to a thorough explanation
> of how to manage XP SP2 security for files?
>
> I sent a zip to a friend, with VBS files inside.
> He got a message that "some files were blocked"
> when he extracted the zip, and the VBS files were
> not extracted!

I suspect their AV software of doing this. Tell them
to turn off virus scanning when opening your distros. They
should be doing that for most installs anyway.

WinXP comes bundled with the outdated and clumsy
<zipfldr.dll> integrated into the shell.

When I install WinXP, the first hack I do is to unregister
it from /run
regsvr32.exe /u c:\windows\system32\zipfldr.dll

doing the above frees Explorer from opening every
Zip file it encounters, speeding things up nicely.

regards,
tlviewer

Torgeir
Wed Jan 26 08:42:55 CST 2005

mayayana wrote:

> Does anyone have a link to a thorough explanation
> of how to manage XP SP2 security for files?
>
> I sent a zip to a friend, with VBS files inside.
> He got a message that "some files were blocked"
> when he extracted the zip, and the VBS files were
> not extracted!
> It appears that I need to understand
> the various SP2 settings in order to dependably
> send files to others. And now I'm also wondering
> about downloaded zips with VBS inside. Is SP2
> also hiding those from the user by default?
Hi

When using Internet Explorer or Outlook Express to download files to a
NTFS formatted disk, for some file types (e.g. zip and exe), a NTFS
stream is added to the file that contains information about what Web
content zone it originates from from. This makes the WinXP builtin
unzip function to refuse to expand the zip file if it comes from the
Internet zone.

For more on NTFS streams, take a look here
http://www.sysinternals.com/ntw2k/source/misc.shtml#streams


Some workarounds:

1)
Don't use Internet Explorer or Outlook Express, switch to another
browser and/or e-mail client.

2)
If you want to use IE, after you have downloaded the file, in Explorer,
right click on the file. Select Properties, and then click the
"Unblock" button.

3)
Don't use WinXP builtin unzip function, install a 3rd party ZIP
manager, a couple of free ones listed below.

ZipGenius (freeware)
http://www.zipgenius.it/

Last freeware version of PowerArchiver:
http://www.321download.com/LastFreeware/


--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx

mayayana
Wed Jan 26 19:27:04 CST 2005

Thanks, both.

[ Torgeir: I've actually been researching the
"zone.marking" stream recently. You seem to
have become famous as the "sharp-eyed
administrator" who discovered it. :) ]

I'll check with my recipient about his ZIP
arrangements. Part of the reason I was asking
about this, though, is because I've got the impression
that there are some kind of security level settings.
In other words, it seems that one person who
downloads a risky file might get a warning while
another gets a message that the file has been
blocked. I figured that there must be some kind
of Control Panel settings to define allowed file
types. Are there no user-accessible settings for
the SP2 security restrictions at all? Only on a
per-file basis?
_____________________________

mayayXXana1a@mindYYspring.com
For return email remove XX and YY.
_____________________________
tlviewer <tlviewerSHRUB@yahooCHENEY.com> wrote in message
news:#Q49qV7AFHA.3236@TK2MSFTNGP15.phx.gbl...
>
> "mayayana" <mayaXXyana1a@mindYYspring.com> wrote in message
> news:0PMJd.7413$cZ1.2022@newsread2.news.atl.earthlink.net...
> >
> > Does anyone have a link to a thorough explanation
> > of how to manage XP SP2 security for files?
> >
> > I sent a zip to a friend, with VBS files inside.
> > He got a message that "some files were blocked"
> > when he extracted the zip, and the VBS files were
> > not extracted!
>
> I suspect their AV software of doing this. Tell them
> to turn off virus scanning when opening your distros. They
> should be doing that for most installs anyway.
>
> WinXP comes bundled with the outdated and clumsy
> <zipfldr.dll> integrated into the shell.
>
> When I install WinXP, the first hack I do is to unregister
> it from /run
> regsvr32.exe /u c:\windows\system32\zipfldr.dll
>
> doing the above frees Explorer from opening every
> Zip file it encounters, speeding things up nicely.
>
> regards,
> tlviewer
>
>
>

Torgeir
Mon Jan 31 21:20:39 CST 2005

mayayana wrote:

> Thanks, both.
>
> [ Torgeir: I've actually been researching the
> "zone.marking" stream recently. You seem to
> have become famous as the "sharp-eyed
> administrator" who discovered it. :) ]
>
> I'll check with my recipient about his ZIP
> arrangements. Part of the reason I was asking
> about this, though, is because I've got the impression
> that there are some kind of security level settings.
> In other words, it seems that one person who
> downloads a risky file might get a warning while
> another gets a message that the file has been
> blocked. I figured that there must be some kind
> of Control Panel settings to define allowed file
> types. Are there no user-accessible settings for
> the SP2 security restrictions at all? Only on a
> per-file basis?
Hi

Description of how the Attachment Manager works in Windows XP
Service Pack 2
http://support.microsoft.com/?id=883260



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx

mayayana
Tue Feb 01 07:20:02 CST 2005

Thank you, Torgeir. That clarifies it, and
highlights something I wasn't aware of:
That most people using OE will have their
attachments treated with Restricted Zone
rules.
_____________________________

mayayXXana1a@mindYYspring.com
For return email remove XX and YY.
_____________________________
Torgeir Bakken (MVP) <Torgeir.Bakken-spam@hydro.com> wrote in message
news:eA6Qd1ACFHA.2032@tk2msftngp13.phx.gbl...
> mayayana wrote:
>
> > Thanks, both.
> >
> > [ Torgeir: I've actually been researching the
> > "zone.marking" stream recently. You seem to
> > have become famous as the "sharp-eyed
> > administrator" who discovered it. :) ]
> >
> > I'll check with my recipient about his ZIP
> > arrangements. Part of the reason I was asking
> > about this, though, is because I've got the impression
> > that there are some kind of security level settings.
> > In other words, it seems that one person who
> > downloads a risky file might get a warning while
> > another gets a message that the file has been
> > blocked. I figured that there must be some kind
> > of Control Panel settings to define allowed file
> > types. Are there no user-accessible settings for
> > the SP2 security restrictions at all? Only on a
> > per-file basis?
> Hi
>
> Description of how the Attachment Manager works in Windows XP
> Service Pack 2
> http://support.microsoft.com/?id=883260
>
>
>
> --
> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and an ONLINE version of
> the 1328 page Scripting Guide:
> http://www.microsoft.com/technet/scriptcenter/default.mspx