Hello, welcome to the Monday, April 18th, 2020 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich.

And I'm recording from Marietta, Florida.

This weekend, DDA took a closer look at how newer versions of Microsoft Office are dealing with files inside of ISOs.

Now, isophiles are treated pretty much like a physical CD or DVD.

You may mount it as a drive.

And then, of course, in the past, the problem was if you downloaded this ISO file from the

internet. Whenever you download a file from the internet, an alternative data stream is added

in Windows that contains what's often referred to as the mark of the web and that tells software

like Microsoft Office that this particular file should be treated with caution.

Now, the problem in the past was, is that the ISO file, it may contain this mark of the web,

but any files inside the ISO did not contain the mark.

Well, that behavior now luckily has changed.

DDA took a look at it, and it does appear that if you are now opening a document from inside

an ISO file that you downloaded from the internet, all the restrictions are applied

that would be applied if this particular file would have been downloaded

directly and not inside an ISO.

Now, on Twitter there were actually some interesting comments about this when it comes to SIP

files.

Similar problem with SIP files, you download the SIP file.

The SIP file now has the mark of the web, but if you're extracting files from the zip file, they may not.

And it depends apparently on the software that you're using to do the extraction.

...