Microsoft scanning for malware inside password-protected zip files

2 years ago 2
ARTICLE AD BOX

Microsoft is scanning the contents of some password-protected zip files stored or shared through its cloud-based services, Ars Technica reports.

The publication spotted several posts on decentralized social networking platform Mastodon, where users complained about the issue.

Among them was cybersecurity researcher Andrew Brandt, who was surprised to discover that Microsoft had flagged a file he shared with other researchers through a SharePoint directory as infected.

“While I totally understand doing this for anyone other than a malware analyst, this kind of nosy, get-inside-your-business way of handling this is going to become a big problem for people like me who need to send their colleagues malware samples,” he said.

“The available space to do this just keeps shrinking, and it will impact the ability of malware researchers to do their jobs.”

Brandt said Microsoft OneDrive previously deleted malicious files he had stored in a Windows folder, despite him adding an exception for the files in his endpoint security tools.

The cloud storage service wiped the local copies off his computer shortly after uploading them to OneDrive.

Another security researcher — Kevin Beaumont — explained that Microsoft used multiple ways to scan the contents of password-protected files for malware.

These included searching for possible passwords in the bodies of emails sent with the zip files as attachments or in the names of the files themselves.

Microsoft’s security tools also consulted a list of regularly-used passwords to see whether one of them could open the file. In this case, the password on the ZIP file was “infected”.

Ars Technica also pointed out that the contents of many password-protected zip files could easily be read as the default encryption method used to secure them was trivial to override.

Malicious actors sometimes use compressed zip folders to hide dangerous files from malware scanning tools.

Microsoft is evidently trying to beat this tactic, but some users are concerned that its approach might be a bit privacy-invasive and could lead to file loss.

Now read: Best VPNs for home users

Subscribe to our daily newsletter

Loading ... Loading ...

logo

Microsoft scanning for malware inside password-protected zip files

Read Entire Article
  1. Homepage
  2. Technology
  3. Microsoft scanning for malware inside password-protected zip files

Related

SA Post Office could owe workers R1 billion in unpaid retirement funds

SA Post Office could owe workers R1 billion in unpaid retire...

2 years ago 3
Vodacom hands five cellular sites over to Limpopo government

Vodacom hands five cellular sites over to Limpopo government...

2 years ago 3
Nvidia announces RTX 4060 graphics cards

Nvidia announces RTX 4060 graphics cards

2 years ago 1
RIGHT SIDEBAR TOP AD

Trending

1. Nuggets vs Lakers
2. Inter Miami vs New York City
3. Bivol vs Beterbiev 2
4. Chelsea FC
5. Man City vs Liverpool
6. Las Palmas vs Barcelona
7. Aston Villa vs Chelsea
8. Mamelodi Sundowns vs TS Galaxy
9. Loadshedding
10. Six Nations

Popular

Thapelo Amad is the new executive mayor of Joburg

Thapelo Amad is the new executive mayor of Joburg

3 years ago 15
GROUNDUP: Usual suspects — leaked forensic report states Lottery school toilet project hijacked by Lottopreneurs

GROUNDUP: Usual suspects — leaked forensic report states Lot...

3 years ago 14
News24.com | Thabo Bester escaping accused remain in custody as bail hearing postponed for closing arguments

News24.com | Thabo Bester escaping accused remain in custody...

2 years ago 14
Government welcomes AG's PFMA audit outcomes

Government welcomes AG's PFMA audit outcomes

3 years ago 12
Another big hole in South Africa’s new BEE and transformation targets

Another big hole in South Africa’s new BEE and transformatio...

2 years ago 10
RIGHT SIDEBAR BOTTOM AD
English (US) English (US)
About Us · Contact Us · Terms & Conditions ·

© ADM Aggregator 2026. All rights are reserved