Archive File Classification Behavior Change for Windows Endpoints
Starting late November 2025, Windows endpoints will classify only outer archive files (e.g., .zip, .rar) directly, improving consistency and performance. Internal files won’t generate events, and no action is needed. Organizations should update documentation if necessary; no compliance issues are identified.

Introduction
We are updating archive file classification behavior on Windows endpoints to align with cloud workloads. This change improves consistency, reduces noise in event reporting, and enhances performance when processing archive files.
When this will happen:
The change will begin rolling out late November 2025 and will apply automatically.
How this affects your organization:
- Who is affected: All organizations using Windows endpoints with archive file classification enabled.
- What will happen:
  - Outer archive files (e.g., .zip, .rar) will now be classified directly.
  - Classification will be atomic for improved consistency and reduced latency.
  - Internal files within archives will no longer generate individual events; only the outer archive file will be reported.
  - Context and label-based rules will not apply to files inside the archive.
- No admin or user action is required for this change to take effect.
What you can do to prepare:
- No action is required.
- If you maintain internal documentation on classification behavior, consider updating it to reflect these changes.
Compliance considerations:
No compliance considerations identified; review as appropriate for your organization.
Message ID: MC1190206



