Plan Office File Validation settings for Office 2010
Applies to: Office 2010
Topic Last Modified: 2011-08-05
If you want to change how Microsoft Office 2010 validates files that are stored in Microsoft Office binary file formats, you can configure Office File Validation settings. Office File Validation is a new security feature in Office 2010 that helps prevent file format attacks by scanning Office binary file formats before they are opened in Microsoft Excel 2010, Microsoft PowerPoint 2010, or Microsoft Word 2010.
Office File Validation helps detect and prevent a kind of exploit known as a file format attack or file fuzzing attack. File format attacks exploit the integrity of a file, and they occur when someone modifies the structure of a file with the intent of adding malicious code. Usually the malicious code is run remotely and is used to elevate the privilege of restricted accounts on the computer. As a result, an attacker could gain access to a computer that they did not previously have access to. This could enable an attacker to read sensitive information from the computer’s hard disk drive or install malware, such as a worm or a key logging program. The Office File Validation feature helps prevent file format attacks by scanning and validating files before they are opened. To validate files, Office File Validation compares a file’s structure to a predefined file schema, which is a set of rules that determine what a readable file looks like. If Office File Validation detects that a file’s structure does not follow all rules described in the schema, the file does not pass validation.
File format attacks occur most frequently in files that are stored in Office binary file formats. For this reason, Office File Validation scans and validates the following kinds of files:
Excel 97-2003 Workbook files. These files have an .xls extension and include all Binary Interchange File Format 8 (BIFF8) files.
Excel 97-2003 Template files. These files have an .xlt extension and include all BIFF8 files.
Microsoft Excel 5.0/95 files. These files have an .xls extension and include all BIFF5 files.
PowerPoint 97-2003 Presentation files. These files have a .ppt extension.
PowerPoint 97-2003 Show files. These files have a .pps extension.
PowerPoint 97-2003 Template files. These files have a .pot extension.
Word 97-2003 Document files. These files have a .doc extension.
Word 97-2003 Template files. These files have a .dot extension.
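As an added illustration of schema-style validation (this is not Microsoft's code and not the schema that Office File Validation uses), the following Python example checks the fixed header of a Compound File Binary container, the wrapper format used by .doc, .xls, and .ppt files, against a small set of structural rules. The names build_header and validate_header are hypothetical, and the sample headers are constructed for the example.

```python
import struct

CFB_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # compound file signature
FIXED = "<8s16sHHHHH6sIIIIIIIII"  # 76 bytes of header fields before the DIFAT

def build_header(major=3, sector_shift=9, mini_shift=6, byte_order=0xFFFE):
    """Constructed sample input: a 512-byte header with overridable fields."""
    fixed = struct.pack(FIXED, CFB_MAGIC, bytes(16), 0x003E, major, byte_order,
                        sector_shift, mini_shift, bytes(6), 0, 1, 1, 0, 0x1000,
                        0xFFFFFFFE, 0, 0xFFFFFFFE, 0)
    # DIFAT: the FAT lives in sector 0; the other 108 slots are unused
    return fixed + struct.pack("<109I", 0, *([0xFFFFFFFF] * 108))

def validate_header(data):
    """Return the list of rule violations; an empty list means the header passed."""
    if len(data) < struct.calcsize(FIXED):
        return ["truncated: shorter than the fixed header"]
    (magic, clsid, _minor, major, order, sshift, mshift, reserved, ndir, _nfat,
     _dir0, _txn, cutoff, _mf0, _nmf, _df0, _ndf) = struct.unpack_from(FIXED, data)
    errors = []
    if magic != CFB_MAGIC:
        errors.append("bad signature")
    if clsid != bytes(16):
        errors.append("header CLSID is not zero")
    if order != 0xFFFE:
        errors.append("byte order mark is not 0xFFFE")
    # Sector sizes are fixed per version; a parser must not trust other values
    expected_shift = {3: 9, 4: 12}.get(major)
    if expected_shift is None:
        errors.append("unsupported major version %d" % major)
    elif sshift != expected_shift:
        errors.append("sector shift %d invalid for version %d" % (sshift, major))
    if mshift != 6:
        errors.append("mini sector shift is not 6")
    if reserved != bytes(6):
        errors.append("reserved bytes are not zero")
    if major == 3 and ndir != 0:
        errors.append("version 3 must report 0 directory sectors")
    if cutoff != 0x1000:
        errors.append("mini stream cutoff is not 4096")
    if not errors and len(data) < (1 << sshift):
        errors.append("file shorter than one sector")
    return errors

if __name__ == "__main__":
    print(validate_header(build_header()))                 # well-formed
    print(validate_header(build_header(sector_shift=31)))  # malformed size field
```

A file that returns any violation here corresponds to one that "does not pass validation" in the sense described above; what happens next is decided by the document-behavior setting, not by the checker.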
Office 2010 provides several settings that let you change how the Office File Validation feature behaves. You can use these settings to do the following:
Disable Office File Validation.
Specify document behavior when a file fails validation.
Prevent Office 2010 from sending Office File Validation information to Microsoft.
For detailed information about the settings that are discussed in this article, see Security policies and settings in Office 2010. For information about how to configure security settings in the Office Customization Tool (OCT) and the Office 2010 Administrative Templates, see Configure security for Office 2010.
By default, Office File Validation is enabled in Excel 2010, PowerPoint 2010, and Word 2010. Any files that fail validation are opened in Protected View, and users can choose to enable editing for those files. Also, users are prompted to send Office File Validation information to Microsoft. Information is collected only for files that fail validation.
We recommend that you do not change the default settings for Office File Validation. However, some organizations might have to configure Office File Validation settings to suit special security requirements. Specifically, organizations that have the following security requirements might have to change the default settings for the Office File Validation feature:
Organizations that restrict access to the Internet. Office File Validation prompts users to send validation error information to Microsoft approximately every two weeks. This could violate an organization’s Internet access policies. In this case, you might need to prevent Office File Validation from sending the information to Microsoft. For more information, see Turn off Office File Validation reporting later in this article.
Organizations that have highly restrictive security environments. You can configure Office File Validation so that files that fail validation cannot be opened or can only be opened in Protected View. This is more restrictive than the default settings for Office File Validation and might be suitable for organizations that have a locked-down security environment. For more information about how to change document behavior, see Change document behavior when validation fails later in this article.
Organizations that do not want their files sent to Microsoft. If users allow it, Office File Validation sends a copy of all files that fail validation to Microsoft. You can configure Office File Validation so that users are not prompted to send validation information to Microsoft.
You can use the Turn off file validation setting to disable Office File Validation. This setting must be configured on a per-application basis for Excel 2010, PowerPoint 2010, and Word 2010. This setting prevents files that are stored in the Office binary file format from being scanned and validated. For example, if you enable the Turn off file validation setting for Excel 2010, Office File Validation does not scan or validate Excel 97-2003 Workbook files, Excel 97-2003 Template files, or Microsoft Excel 5.0/95 files. If a user opens one of those file types, and the file contains a file format attack, the attack will not be detected or prevented unless some other security control detects and prevents such an attack.
We recommend that you do not turn off Office File Validation. Office File Validation is a key part of the layered defense strategy in Office 2010 and should be enabled on all computers throughout an organization. If you want to prevent files from being validated by the Office File Validation feature, we recommend that you use the Trusted Locations feature. Files that are opened from trusted locations skip Office File Validation checks. You can also use the Trusted Documents feature to prevent a file from being validated by Office File Validation. Files that are considered to be trusted documents do not undergo Office File Validation checks.
You can use the Set document behavior if file validation fails setting to change how documents behave when they fail validation. When you enable this setting, you can select one of the following three options:
Block files completely: Files that fail validation do not open in Protected View and users cannot open files for editing.
Open files in Protected View and disallow edit: Files open in Protected View so users can see the content of the file, but users cannot open files for editing.
Open files in Protected View and allow edit: Files open in Protected View and users can choose to open files for editing. This option represents the default behavior of the Office File Validation feature.
If you select the Open files in Protected View and disallow edit option, users see the following text in the Message Bar when a file fails validation:
Protected View Office has detected a problem with this file. Editing it may harm your computer. Click for more details.
If a user clicks the Message Bar, the Microsoft Office Backstage view appears, which provides a more lengthy description of the problem and lets users enable the file for editing.
If you select the Block files completely option, users see the following text in a dialog box when a file fails validation:
Office has detected a problem with this file. To help protect your computer this file cannot be opened.
Users can expand the dialog box and see a more detailed explanation of why the file does not open, or they can close the dialog box by clicking OK.
You can use the Turn off error reporting for files that fail file validation setting to suppress the dialog box that prompts users to send information to Microsoft. This setting also prevents validation information from being sent to Microsoft.
Every time that a file fails validation, Office 2010 collects information about why the file failed validation. Approximately two weeks after a file fails validation, Office 2010 prompts users to send Office File Validation information to Microsoft. The validation information includes such things as the file types, file sizes, how long it took to open the files, and how long it took to validate the files. Copies of the files that failed validation are also sent to Microsoft. Users see the list of files when they are prompted to send validation information to Microsoft. Users can decline to send validation information to Microsoft, which means no information about failed validations is sent to Microsoft and no files are sent to Microsoft. If an organization restricts Internet access, has restrictive Internet access policies, or does not want files sent to Microsoft, you might have to enable the Turn off error reporting for files that fail file validation setting.
The Office File Validation feature can occasionally indicate that a file failed validation when in fact the file is valid. The validation reporting feature helps Microsoft improve the Office File Validation feature and minimize the occurrence of false positive results.
For the latest information about policy settings, refer to the Microsoft Excel 2010 workbook Office2010GroupPolicyAndOCTSettings_Reference.xls, which is available in the Files in this Download section on the Office 2010 Administrative Template files (ADM, ADMX, ADML) and Office Customization Tool (http://go.microsoft.com/fwlink/p/?LinkID=189316&clcid=0x409) download page.