question

RudolfMeier-2283 avatar image
0 Votes"
RudolfMeier-2283 asked RoyLi-MSFT edited

downloads, how to provide them

We do have a problem with our downloads that we provide. We have some powershell modules/cmdlets packed into an assembly, packed into a zip file. This file can be downloaded from our customers. The assembly is signed (like a normal exe/dll, I don't know if there's an other fancy cool new 'sign with appx manifest and who knows what else' way). ... but now, when our customers download those zip files and unpack them and try to import those modules, they get the information, that it cannot be loaded because of missing dependencies.
But the point is, that they have to right-click them, then unblock the files (downloaded from internet - bla bla) and after that they can use it.
My question now is... what can I do to prevent this? How do I have to distribute / pack those assemblies so that we don't run into this problem? It's quite annoying to deal with this over and over again...

Rudolf

not-supported
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

RLWA32-6355 avatar image
0 Votes"
RLWA32-6355 answered RLWA32-6355 commented

Unblock the zip file before any contents are extracted. Once the zip file has been unblocked the contents will not need to be unblocked after they have been extracted.

I don't think that there is anything that you can do to prevent "The Mark of the Web" from being applied to downloaded files. For example, even zip files that I have uploaded to my own OneDrive storage will need to be unblocked if I download them! However, since the Mark is actually an NTFS alternate data stream if you save the download to a non-NTFS file system (e.g., USB thumb drive formatted with Fat32) then the downloaded files will not be blocked.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

this security stuff destroys everything... I see the need for security, but today even files signed with those expensive EV code signing certificates get marked as suspicious and dangerous and the recommendation is to delete the file and not using it... that's just... not how it should be

0 Votes 0 ·

Yes, the net is full of complaints about smartscreen and how difficult it is to build the reputation that it wants to see before it doesn't complain about a download. Not to mention the cost of purchasing the more expensive certificate that supposedly will alleviate the reputation building issue.

0 Votes 0 ·