Potentially Unsafe File Types


WinZip® displays caution messages in some situations, such as when you double-click on a .EXE file compressed within a Zip file, to warn that you are working with a file type that could potentially contain a virus. These warnings can be helpful for WinZip users who rarely or never need to use Zip files containing these potentially unsafe file types. WinZip users who frequently need to work with the file types involved can easily turn the caution messages off.

To help prevent virus infections on your computer, you should familiarize yourself with the information on this page. A little knowledge and some sensible security procedures will allow you to be comfortable working with the Zip files that you receive.

On this page:

  • Overview
  • About Potentially Unsafe File Types
  • WinZip's Handling of Potentially Unsafe File Types
  • Security Hints and Tips

Overview

One of the most common ways in which a computer becomes virus-infected is that its user actively causes the virus to run, not realizing that the file being opened could contain a virus. This can happen when, for example, you double-click a virus-infected attachment to an e-mail message.

Viruses are sometimes compressed inside Zip files, which are then sent as e-mail attachments. When you receive a Zip file as an e-mail attachment, double-clicking the attachment will open the Zip file in WinZip (or whatever Zip utility is installed on your system). If, within your Zip utility, you then double-click the virus-infected file, the virus can run and your computer can become infected. (An up-to-date virus scanner, scanning files in real time, will stop most infections, but the newest viruses may escape detection.)

One reason that viruses are able to spread is that double-clicking a file has historically been a safe thing to do. It is easy to casually double-click a file received as an e-mail attachment, or a file within a Zip file received as an e-mail attachment.

Unfortunately, because of the recent proliferation of viruses, it is no longer safe to routinely double-click files, especially files received as attachments to suspicious e-mail messages or downloaded from untrusted web sites. This issue has become so important that recent versions of Internet Explorer and of e-mail programs such as Outlook and Outlook Express warn you when you are about to work with potentially unsafe file types.

Because Zip files can sometimes contain virus-infected files, this version of WinZip displays similar warnings in certain situations when a Zip file that you are working with contains files of potentially unsafe types.

About Potentially Unsafe File Types

The file type of a file, sometimes referred to as its extension, is the last portion of the name of the file. For example, if you have a file called "memo.doc", the last portion of the name of the file (that is, the portion following the final period) is "DOC". This file therefore has a file type of DOC, and would sometimes be referred to as a DOC file or a .DOC file.

Windows generally uses the file type to decide how the file will be handled when you double-click the file's icon. For example, DOC files most often contain Microsoft Word documents; if you double-click a DOC file and Microsoft Word is installed on your system, Windows will open the file in Microsoft Word.

As a second example, the file "game.exe" has a file type of EXE. This type of file normally contains a program, and if you double-click it, Windows will run the program.

The EXE file type is an example of a potentially unsafe file type. While the vast majority of EXE files that you are likely to encounter are safe and useful, malicious individuals sometimes write programs that can harm your computer and distribute them in the form of EXE files.

There are a number of other file types that are often considered to be potentially unsafe because they have been used to spread viruses. There is no definitive list of these file types that everyone would agree with, and to some extent the list is constantly changing, but here is the list that is used by this version of WinZip:

ADE, ADP, APP, BAS, BAT, CHM, CMD, COM, CPL, CRT, CSH, DLL, EXE, FXP, HLP, HTA, INF, INS, ISP, JS, JSE, KSH, LNK, MDA, MDB, MDE, MDT, MDW, MDZ, MSC, MSI, MSP, MST, OCX, OPS, PCD, PIF, PRF, PRG, REG, SCF, SCR, SCT, SHB, SHS, URL, VB, VBE, VBS, VBX, WSC, WSF, WSH, XSL

All of these file types have legitimate uses under appropriate circumstances. The simple fact that a file is one of the types listed above does not mean that there is something "wrong" with the file or that it is infected with a virus. But if you receive a file with one of these types from an untrusted source or in unexpected or suspicious circumstances, you should not work with the file until you are sure that it is safe.

Of course, as mentioned above, there is no definitive list of which file types are safe or unsafe, so even with file types that are not on the above list, you should use appropriate cautions.

For some general security guidelines, see Security Hints and Tips below.

WinZip's Handling of Potentially Unsafe File Types

This version of WinZip has been enhanced to warn you about some of the most common situations in which you could become infected by a virus compressed inside a Zip file.

This enhancement involves several small changes to WinZip that we believe will, in these specific situations, make it less likely for you to be affected by a virus that has been placed inside a Zip file.

  • If you are using the WinZip Classic interface and you double-click a file with a potentially unsafe file type, such as .EXE, WinZip will display a dialog warning you about the potentially unsafe file type. You can then decide whether you really want to open it.

    Note that this warning is only displayed when you double-click a file within a Zip file to open that file from within WinZip. You can still extract files from a Zip file to a folder on your disk without a warning, regardless of the file types involved.

  • If you are using the WinZip Wizard interface, the Wizard will display a dialog to notify you when you begin to work with a Zip file that contains any files on WinZip's list of potentially unsafe file types. You can then decide whether you want to continue working with that Zip file.
  • WinZip also displays warning text when you try to install software contained within a Zip file. For example, when you use the Install button in the WinZip Classic interface to install software from a Zip file that contains a Setup program, WinZip will display a dialog reminding you not to install untrusted software.

Some WinZip users, especially "power users" who frequently work with some of the file types that WinZip considers potentially unsafe, will prefer not to see these warnings repeatedly. Therefore, all of the new warning dialogs have check boxes that you can use to stop them from displaying again.

Security Hints and Tips

Know Your Source

  • Never open a Zip file that is attached to e-mail from an unknown source.
  • If an unexpected Zip file is attached to e-mail from someone you know, consider verifying with the sender that the attachment is legitimate. Some viruses spread by e-mailing copies of themselves to everyone in the contact lists of infected computers; this means that you can receive infected files even from people you know.
  • Avoid downloading Zip files from untrusted web sites.

Of course, these guidelines don't apply only to Zip files; they apply equally to any file type.

Keep Your System Protected and Up-To-Date

  • It is very important to have a good anti-virus program installed on your computer. We recommend that you configure your anti-virus program to scan all files that you work with in real time. Most virus scanners can also be configured to scan e-mail as it arrives and quarantine infected messages. We also recommend that you enable this option. And, because new viruses are discovered almost daily, be sure to keep your anti-virus program up to date. Most anti-virus programs have an automatic update facility that can help with this.
  • You should also use Microsoft's Windows Update feature to be sure that you have Microsoft's latest fixes for your version of Windows. Windows Update also has an automatic update facility that can help keep you up to date.
  • To be sure that you find out about new WinZip updates or maintenance releases, sign up for the WinZip mailing list at http://www.winzip.com/maillist.htm.

Disable Hidden File Name Extensions

All current versions of Windows are initially installed with an option called "Hide extensions for known file types" enabled. When this option is enabled, Windows will not display the file name extensions (.EXE, .DOC, etc.) for file types that it knows about.

This option is considered by many knowledgeable users to be dangerous, primarily because it can mislead you about the true nature of your files. For example, you might have a virus-infected file named "vacation.jpg.exe". If the hidden extension option is enabled, this file will appear on your desktop or in Windows Explorer as "vacation.jpg", leading you to think that it is a harmless vacation picture. In fact, it is an executable program, and opening it could infect your computer.

To disable hidden extensions:

  1. Open My Computer or Windows Explorer.
  2. Click Folder Options, which will be located in either the View menu or the Tools menu, depending on your version of Windows.
  3. In the Folder Options dialog, click the View tab.
  4. Uncheck the box labeled Hide extensions for known file types and click OK.
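
The file type check described on this page can be applied to a Zip file before anything in it is opened. The following is an added example, not WinZip's own code: it reads only the member names of an archive, reports those whose file type is on the list above, and marks names such as "vacation.jpg.exe" that hidden extensions would disguise. The function names and the sample archive are constructed for illustration.

```python
import io
import zipfile

# File types copied from the list on this page (the list this WinZip version uses).
UNSAFE_TYPES = frozenset("""
ADE ADP APP BAS BAT CHM CMD COM CPL CRT CSH DLL EXE FXP HLP HTA INF INS ISP
JS JSE KSH LNK MDA MDB MDE MDT MDW MDZ MSC MSI MSP MST OCX OPS PCD PIF PRF
PRG REG SCF SCR SCT SHB SHS URL VB VBE VBS VBX WSC WSF WSH XSL
""".split())

def base_name(name):
    """File name without its folder path, as Windows would store it."""
    # Windows drops trailing dots and spaces, so "a.exe." is saved as "a.exe".
    return name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ")

def file_type(name):
    """Upper-case portion following the final period, or "" if there is none."""
    _, dot, ext = base_name(name).rpartition(".")
    return ext.upper() if dot else ""

def is_disguised(name):
    """True for names like vacation.jpg.exe, which Explorer shows as
    vacation.jpg while "Hide extensions for known file types" is enabled."""
    parts = base_name(name).split(".")
    return len(parts) >= 3 and parts[-2] != "" and parts[-1].upper() in UNSAFE_TYPES

def scan_zip(data):
    """Return (member name, file type, disguised?) for each unsafe-type member."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():  # reads names only; nothing is extracted
            ext = file_type(info.filename)
            if ext in UNSAFE_TYPES:
                findings.append((info.filename, ext, is_disguised(info.filename)))
    return findings

def build_sample():
    """Constructed sample archive, built in memory with placeholder contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("memo.doc", "game.exe", "photos/vacation.jpg.exe",
                     "notes.txt", "tools/setup.MSI"):
            zf.writestr(name, b"placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    for name, ext, disguised in scan_zip(build_sample()):
        print(f"{name}: type {ext}" + (" (double extension)" if disguised else ""))
```

As the page notes, no list of file types is definitive, so an empty result does not mean the archive is safe.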