Vista Blocked File Protection Control
Windows Vista is known to be much more picky about the file types it allows the user to use than previous operating systems. Some file types are considered to be a potential threat, and therefore are blocked. As a general – this is good, but sometimes it can just drive you nuts. Windows XP Pro also used to block many potentially harmful file types (read my “How can I enable transfer of MP3 files through Microsoft Windows Live Messenger?” article), but here, with Vista, the file range is extended to even more file types. Some of these *might* be harmful, and I’m not saying that they should always be trusted. That’s why you’re *supposed* to have an updated Anti-Virus and Anti-Malware program running and scanning your computer at all times (Lamer note: You do have one, don’t you?). But my point is that if you know what you’re doing you could very well disable this protection and trust your AV program to do the scanning for you.
Consider this example – You’re using Windows Live Messenger to chat with your friend, when she sends you a zipped file containing some stuff you need. All this is good and well, but for some reason, Windows Vista now thinks that the .ZIP file is dangerous and should be blocked. It seems that the content of the zipped file is unimportant, Vista will block this file type because it was received from an un-trusted source – via Windows Live Messenger. This warns users that an executable downloaded from the Internet stays potentially dangerous even after it lands on a local drive.
This is what happens when you try to unzip it (file name is just an example):
Say Goodbye to Traditional PC Lifecycle Management
Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.
And when looking at the file’s properties – this is what you get:
“This file came from another computer and might be blocked to help protect this computer”
The reason for this is because, in Vista, the file’s zone information is being preserved within the file. As a general practice, this identifies where the file came from and kicks off warnings as appropriate, telling you to be careful. However, we, as masters of our computer, know better (Lamer note: Remember that previous note about having a good and updated AV and Malware protection software, right?).
By the way, if you download a .zip file then extract the files, each of the extracted files gets a named stream that points back at the .zip file. This means you still get the warning.
BTW, this “feature” is not native to Vista alone, Windows XP SP2 + IE 7 also exhibit this behavior.
There are a few ways to deal with this:
Method #1 – Do not use NTFS
Oh, no, this is not a real option. NTFS is your friend, you’re supposed to use it, and there’s no real benefit in disabling it. This was just another lamer check!
Method #2 – Live with it
You can simply unblock the file by right-clicking on it, and on the General tab – clicking the Unblock button, and then on the Ok button.
Method #3 – Disable the feature
- In Windows Vista, Click Start.
- In the Search box, Run box or console window type: GPEDIT.MSC to bring up the Group Policy Object editor.
- Navigate to User Configuration > Administrative Templates > Windows Components > Attachment Manager. Here you will find a couple of policies related to this feature, but to disable it you’ll want to ENABLE the policy called “Do not preserve zone information in file attachments”.
- Close the GPO editor.
- Either logoff your computer, or refresh the local policy by typing the following command in a Command Prompt or in the Run box:
Method #4 – Delete the stream data
To get rid of the warning, you need to remove the named data stream. You can also use a utility called “Streams” from Sysinternals – Get it here:
After downloading the tool execute it in the following format to delete the stream from the file:
Got a question? Post it on our Windows Vista Forums!