Loading...

Knowledge Center


Application Control denies zip files when run in the context of Java.exe or Javaw.exe
Technical Articles ID:   KB86758
Last Modified:  5/30/2017

Environment

McAfee Application Control 8.x, 7.x, 6.x
Microsoft Windows (all supported versions)

Problem

Application Control prevents zip files from executing when they run in the context of Java.exe or Javaw.exe. A zip file is denied from running even if the following conditions exist:
  • Zip is not a supported file type.
  • No rule is configured to validate the execution of zip files.

Cause

Application Control validates the execution of JAR files in the context of Java.exe and Javaw.exe.

A JAR file is a Java package built on the zip file format. A zip file can be a Java package similar to a JAR file. To ensure that no unauthorized Java package (with an extension other than zip) is allowed to run, Application Control tracks and validates whether a zip file is a Java package. If the zip file is determined to be a Java package with Java.exe or Javaw.exe as the calling process, it is denied from running.

Solution

This is expected behavior.

Workaround

  1. Download the SHA-1 checksum tool from Microsoft (support.microsoft.com/en-us/help/841290).
  2. Calculate SHA-1 checksum for the zip file. The following is an example of the checksum being created by the tool:

C:\Users\WIN10-x64\Desktop\SHA>fciv.exe -sha1 c:\File.zip
//
// File Checksum Integrity Verifier version 2.05.
//
44f975a110012e65da7155802f7cb1849ee4f386 C:\file.zip

  1. Create a new rule policy for Executable Files in the Policy Catalog of EPO and push the policy to the client.

Rate this document

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.