Knowledge Center

Application Control denies zip files when run in the context of Java.exe or Javaw.exe
Technical Articles ID:   KB86758
Last Modified:  5/30/2017


McAfee Application Control 8.x, 7.x, 6.x
Microsoft Windows (all supported versions)


Application Control prevents zip files from executing when they run in the context of Java.exe or Javaw.exe. A zip file is denied from running even if the following conditions exist:
  • Zip is not a supported file type.
  • No rule is configured to validate the execution of zip files.


Application Control validates the execution of JAR files in the context of Java.exe and Javaw.exe.

A JAR file is a Java package built on the zip file format. A zip file can be a Java package similar to a JAR file. To ensure that no unauthorized Java package (with an extension other than zip) is allowed to run, Application Control tracks and validates whether a zip file is a Java package. If the zip file is determined to be a Java package with Java.exe or Javaw.exe as the calling process, it is denied from running.


This is expected behavior.


  1. Download the SHA-1 checksum tool from Microsoft (support.microsoft.com/en-us/help/841290).
  2. Calculate SHA-1 checksum for the zip file. The following is an example of the checksum being created by the tool:

C:\Users\WIN10-x64\Desktop\SHA>fciv.exe -sha1 c:\File.zip
// File Checksum Integrity Verifier version 2.05.
44f975a110012e65da7155802f7cb1849ee4f386 C:\file.zip

  1. Create a new rule policy for Executable Files in the Policy Catalog of EPO and push the policy to the client.

Rate this document


This article is available in the following languages:

English United States

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.