windows - "This file came from another computer and might be blocked to protect this computer" inconsistency -


i encountering strange inconsistency message. basically, symantec extended validation code signing on our windows product installer. had been doing since end of july (it not automated yet) , had done more 50 signings different products' releases. verification process involve: 1. running signtool /verify option check signing done properly. 2. manually open file's properties double check sure.

yesterday, our tester product release noticed problem on windows 2003 , windows 2008 box , discovered message files' properties. internet search points ntfs's feature.

however, here discrepancies trying figure out. when start vagrant image running windows 2012 r2 (64bit) ntfs system , download signed installer, noticed "zone.identifier" not removed when more < myinstaller.exe:zone.identifier; , if bring file's properties, don't see warning/error "this file came computer , might blocked protect computer". , therefore during manual test run, okay.

i trying identify difference , looked thru "local group policy" "do not preserve zone information in file attachment"; , not configured. checked hkey_current_user\software\microsoft\windows\currentversion\policies, , there no "attachements\savezoneinformation" setting. checked browser settings "trusted site" , etc , found no difference (based on quick manual browsing). don't understand why vagrant image can strip off "message" (and not blocking file) without stripping zone id. also, don't understand how come problem noticed yesterday , not earlier... still trying sort out.

i find other options beside asking our customers edit pcs. shouldn't purpose of "signed-certificate" allow our users trust download?


Comments

Popular posts from this blog

aws api gateway - SerializationException in posting new Records via Dynamodb Proxy Service in API -

asp.net - Problems sending emails from forum -