7-Zip recently implemented the long-awaited Windows ”Mark-of-the-Web” (MOTW) security feature that can improve users’ security against malicious downloads.
Although 7-Zip users repeatedly suggested that the program receive MOTW support, the program’s developer, Igor Pavlov, disapproved. He explained his stance by saying that “the overhead for that property (additional Zone Identifier stream for each file) is not good in some cases.”
7-Zip’s most recent update (Version 22.00) brought several new features to the archiving tool, including the highly anticipated MOTW support, additional high-precision timestamp storage, and new TAR archive switches for the Linux version.
It’s worth noting that Windows only applied the MOTW identifier to archives and not to their contents. Thus, extracting the contents of a downloaded archive with 7-Zip would result in files that lacked the security tag. However, 7-Zip’s recent update lets users propagate MOTW streams to the extracted files, as well.
You can enable MOTW in 7-Zip with these easy steps:
- Launch 7-Zip File Manager
- Open the
- Click the
- Go to the
- Open the
Propagate Zone.Id streamcombo menu
- Set the option to
Yes(more secure) or
For Office files(less secure)
- Click the
Applybutton to save your settings
MOTW is an efficient Windows security feature that protects end-users against malicious downloaded content. Windows automatically adds Mark-of-the-Web, a ‘Zone.Id’ alternate data stream to downloaded files.
The attribute signals the system and supported apps that the files have an external origin and that opening or running them could be risky. Trying to open or run a downloaded document or executable with MOTW will trigger a warning, prompting users to confirm their actions.
Office documents with the Mark-of-the-Web identifier always open in Protected View, disabling macros and enabling the read-only mode for the file. Users can easily check if a file has MOTW by right-clicking it and accessing Properties. MOTW-tagged files will have a message at the bottom and an “Unblock” checkbox.
Ticking the checkbox will remove the MOTW from the document and treat it as trusted. Opening or running the file and confirming the prompt for the first time will have the same effect.