Jump to content

Windows Package Manager v0.2.3162 Preview


Recommended Posts

This release improves the experimental list and upgrade commands by showing Add/Remove Programs (ARP) entries.

The default location for installer logs was moved to the same location as winget logs, thus allowing them to be collected by Feedback Hub. If you encounter a bug, just submit feedback [Windows]+[f] and the logs will be sent for us to be able to review what went wrong.

Trusted sources (like the Microsoft Community Package Manager Repository) will have downloaded files set to Zone 2. Other sources will have be set to Zone 3, and the file will be run through all local Anti-virus (AV) software by attachment execution services.


Here is what we do when downloading and executing an installer:

  1. Always set "Mark of the Web" with ZoneIdentifier URLZONE_INTERNET(3) when downloading the installer.
  2. Verify the installer SHA256
  • If the hash does not match: Leave "Mark of the Web" at URLZONE_INTERNET(3)
  • If the hash matches:
    • If the installer is from a trusted source, modify "Mark of the Web" to ZoneIdentifier URLZONE_TRUSTED(2)
    • If the installer is from an untrusted source, call Attachment Execution Service to trigger anti virus and determine ZoneIdentifier


Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...