Jump to content

SaveZoneInformation Revisited


Recommended Posts

I guess most of you know what this is about. It's a well known tweak to disable the "file open security warning". It's very popular, even in this board (mentioned in more then 40 threads - and I read them all :wacko: ). However, all of them are only copy/paste, same as everywhere on the web - and the only credible source (The ONLY description at Microsoft) is very ambiguous.

Do not preserve zone information in file attachments
This policy setting lets you manage whether Windows marks file attachments that have information about their zone of origin. These zones or origin are Internet, intranet, and local. This policy setting requires the NTFS file system to function correctly and will fail without notice on systems that use FAT32. By not preserving the zone information, Windows cannot make appropriate risks assessments. If you enable this policy setting, Windows does not mark file attachments by using their zone information. If you disable this policy setting, Windows marks file attachments by using their zone information. If you do not configure this policy setting, Windows marks file attachments by using their zone information.

Group Policy User Configuration\Administrative Templates\Windows Components\Attachment Manager

Registry Subkey HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments

Registry Entry SaveZoneInformation

Entry Value On (1) or Off (2)

So, what value is needed to be set? Positive or negative logic? The "entry value" refers to "policy setting" or "registry entry"?

The main thing that raised my suspicion is that I discovered I had originally set the value to 2 (a couple of years ago - yeah, without reinstall :thumbup ) and never ever seen the warning. I searched the whole registry and found it on two places - both were set to 2). And although I use so many reg tweaks I can't keep track of them any more, the LowRiskFileTypes tweak, which often acompanies this one, is not present on my computer. If it's another (which is quite possible), which one?

And as I said, the only critical opinion on this tweak was this one (yeah, old threads are useful too), but the values aren't right, so again I'm suspicious.

As I don't have the energy to fire up a virtual machine and install XP SP2 or 3 to do the testing (but will do later on if necessary), I'm asking for any further meaningful info on the subject. B)


Link to comment
Share on other sites

  • 2 years later...

Here infos from Microsoft:


I can give you my method to disable it:


Run gpedit.msc, and go to Local Computer Policy\User

Configuration\Administrative Templates\Windows

Components\Attachment Manager and enable "Default risk level for file

attachments", and then enable "Inclusion list for low risk file types"

add .exe;.msi

No reboot needed


Link to comment
Share on other sites

Stupid of me to try to find logic with Microsoft. :) I just set it to 2 and enjoy. As for my list of low risk file types, it's much much longer than that. I try to include every possible filetype I have on my HDDs. Why? Because this "feature" isn't a real protection, just an annoyance.


Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Create New...