Compressed File Handling

Compressed files provide a number of special security concerns. Compressed files can be password-protected or encrypted, can harbor so-called "zip-of-death" security risks, and can contain numerous compression layers.

Parent topic: Advanced Threat Protection

Compression Types

Cloud App Security extracts and scans files compressed using the most popular compression types (listed below). Cloud App Security also checks for malware "smuggled" within nested compressions. Example: An infected file that is zipped, ARJ-compressed, MS-compressed, and zipped again.

Note:

Cloud App Security supports scanning up to 5 recursive compression layers maximum.

Table 1. Supported Compression Types

  • Archive created by LHA (.lzh)

  • MacBinary (.bin)

  • Archive created by Pkzip (.zip)

  • Microsoft Cabinet (.cab)

  • Archive created by RAR (.rar)

  • Microsoft Compressed/MSCOMP

  • Archive created by Tar (.tar)

  • MIME (.eml; .mht)

  • ARJ Compressed archive (.arj)

  • Teledisk format (.td0)

  • BINHEX (.hqx)

  • Unix BZ2 Bzip compressed file (.bz2)

  • GNU Zip (.gz; .gzip)

  • UUEncode (.u)

  • LZW/Compressed 16bits (.Z)

  • WinAce (.ace)