WinRAR 7.10 was launched yesterday with quite a few options, reminiscent of bigger reminiscence pages, a darkish mode, and the flexibility to fine-tune how Home windows Mark-of-the-Net flags are propagated when extracting information.
WinRAR is a well-liked file archiver and compression software for Home windows that enables customers to create, extract, and handle compressed information, primarily in RAR, ZIP, and lots of different file codecs. The creator claims that the software is utilized by 500 million individuals worldwide.
Yesterday, win.rar GmbH launched the ultimate model of WinRAR 7.10, itemizing quite a few new options that enhance the efficiency and value of this system.
These new options embody enabling bigger reminiscence pages for elevated efficiency, a reworked settings interface, and a long-awaited darkish mode.
Supply: BleepingComputer
One new characteristic that stood out is a brand new setting that allows you to strip data that could be thought-about a privateness danger from the Mark of The Net alternate knowledge stream.
“‘Zone worth solely’ possibility in “Settings/Safety” dialog controls if archive Mark of the Net propagation consists of solely the safety zone worth or all out there fields,” reads the WinRAR 7.10 launch notes.
“Whereas extra fields, reminiscent of a obtain location or IP handle, may assist to establish a file supply, they could be a privateness concern if file is shared with different individuals.”
For these unfamiliar with the Mark-of-the-Net (MoTW), it’s another knowledge stream named “Zone.Identifier” that’s added to information downloaded from the Web, together with from web sites and e-mail.
This identifier tells Home windows and supported functions that the file was downloaded from one other laptop or the Web and, subsequently, may very well be dangerous to open.
When trying to open a downloaded file, Home windows will verify if a MoTW exists and, if that’s the case, show extra warnings to the consumer, asking if they’re certain they want to run the file.
Supply: BleepingComputer
Microsoft Workplace may also verify for the Mark-of-the-Net, and if discovered, it’s going to open paperwork in Protected View, with the file in read-only mode and macros disabled.
To verify if a downloaded file has the Mark-of-the-Net, you’ll be able to right-click it in Home windows Explorer and open its properties.
If the file accommodates a MoTW, you will note a message on the backside stating, “This file got here from one other laptop and could be blocked to assist safety this laptop.”
Fashionable file archives will propagate the MoTW present in archives to extracted information, permitting these information to even be protected with the Home windows safety characteristic.
MoTW is a robust safety characteristic that’s generally focused by risk actors who try to seek out zero-day flaws that permit their malicious information to bypass Home windows’ safety warnings.
Nevertheless, some might contemplate it a privateness concern, as if the file is shared with one other individual, the “Zone.Identifier” accommodates data that would reveal delicate details about the place a file was downloaded from.
It’s because the Zone.Identifier flag accommodates a variety of details about a downloaded file, together with the Web Zone (ZoneID) it was downloaded from, the URL to the file, the URL referring to the file, and in some circumstances, the IP handle of the host it was downloaded from.
Supply: BleepingComputer
As a part of WinRAR 7.10, a brand new setting is enabled by default referred to as “Zone worth solely” that strips all data from MoTW alternate knowledge streams apart from the ZoneId when it’s propagated to extracted information.
Supply: BleepingComputer
This enables the Mark-of-the-Net safety characteristic to proceed to work with extracted information, however the alternate knowledge stream can now not be used to be taught the place the file was downloaded.
For individuals who want to allow full propagation of MoTW knowledge, you will want to enter the WinRAR settings > Safety and uncheck “Zone worth solely.”
Whereas this new setting might hamper digital forensics, it’s a welcome characteristic for many who need the strictest privateness.