Plan Office File Validation settings for Office 2013
Applies to: Office 365 ProPlus, Office
Topic Last Modified: 2014-06-05
Summary: Explains how Office File Validation settings can help prevent file format attacks in Office 2013.
Audience: IT Professionals
Office File Validation is a security feature in Office 2013 that helps prevent file format attacks by scanning Office binary file formats before they are opened in Excel 2013, PowerPoint 2013, or Word 2013. You can change how Office 2013 validates files that are stored in Microsoft Office binary file formats by configuring Office File Validation settings.
This article is part of the Guide to Office 2013 security. Use the roadmap as a starting point for articles, downloads, posters, and videos that help you assess Office 2013 security.
Are you looking for security information about individual Office 2013 applications? You can find this information by searching for “2013 security” on Office.com.
In this article:
Office File Validation helps detect and prevent a kind of exploit known as a file format attack or file fuzzing attack. File format attacks exploit the integrity of a file. They occur when someone modifies the structure of a file with the intent of adding malicious code. Usually the malicious code is run remotely and is used to elevate the privilege of restricted accounts on the computer. As a result, an attacker could gain access to a computer that they did not previously have access to. This could enable an attacker to read sensitive information from the computer’s hard disk drive or install malware, such as a worm or a key logging program. The Office File Validation feature helps prevent file format attacks by scanning and validating files before they are opened. To validate files, Office File Validation compares a file’s structure to a predefined file schema, which is a set of rules that determine what a readable file looks like. If Office File Validation detects that a file’s structure does not follow all rules that are described in the schema, the file does not pass validation.
File format attacks occur most frequently in files that are stored in Office binary file formats. For this reason, Office File Validation scans and validates the following kinds of files:
Excel 97-2003 Workbook files. These files have an .xls extension and include all Binary Interchange File Format 8 (BIFF8) files.
Excel 97-2003 Template files. These files have an .xlt extension and include all BIFF8 files.
Microsoft Excel 5.0/95 files. These files have an .xls extension and include all BIFF5 files.
PowerPoint 97-2003 Presentation files. These files have a .ppt extension.
PowerPoint 97-2003 Show files. These files have a .pps extension.
PowerPoint 97-2003 Template files. These files have a .pot extension.
Word 97-2003 Document files. These files have a .doc extension.
Word 97-2003 Template files. These files have a .dot extension.
Office 2013 provides several settings that let you change how the Office File Validation feature behaves. You can use these settings to do the following:
Disable Office File Validation.
Specify document behavior when a file fails validation.
Prevent Office 2013 from sending Office File Validation information to Microsoft.
|For information about how to configure security settings in the Office Customization Tool (OCT) and the Office 2013 Administrative Templates, see Configure security by using OCT or Group Policy for Office 2013.|
By default, Office File Validation is enabled in Excel 2013, PowerPoint 2013, and Word 2013. Any files that fail validation are opened in Protected View. Users can choose to enable editing for these files. Also, users are prompted to send Office File Validation information to Microsoft. If users grant permission, only information for files that fail validation is collected and sent to Microsoft.
We recommend that you do not change the default settings for Office File Validation. However, some organizations might have to configure Office File Validation settings to suit special security requirements. Specifically, the following types of organizations have security requirements that might require a change to the default settings for the Office File Validation feature:
Organizations that restrict access to the Internet. Office File Validation prompts users to send validation error information to Microsoft approximately every two weeks. This could violate an organization’s Internet access policies. In this case, you might choose to prevent Office File Validation from sending the information to Microsoft. For more information, see Turn off Office File Validation reporting in Office 2013 later in this article.
Organizations that have highly restrictive security environments. You can configure Office File Validation so that files that fail validation cannot be opened or can only be opened in Protected View. This is more restrictive than the default settings for Office File Validation and might be suitable to organizations that have a locked-down security environment. For more information about how to change document behavior, see Change document behavior when validation fails in Office 2013 later in this article.
Organizations that do not want their files sent to Microsoft. If users allow it, Office File Validation sends a copy of all files that fail validation to Microsoft. You can configure Office File Validation so that users are not prompted to send validation information to Microsoft.
You can use the Turn off file validation setting to disable Office File Validation. This setting must be configured on a per-application basis for Excel 2013, PowerPoint 2013, and Word 2013. This setting prevents files that are stored in the Office binary file format from being scanned and validated. For example, if you enable the Turn off file validation setting for Excel 2013, Office File Validation does not scan or validate Excel 97-2003 Workbook files, Excel 97-2003 Template files, or Microsoft Excel 5.0/95 files. If a user opens one of those file types, and the file contains a file format attack, the attack will not be detected or prevented unless some other security control detects and prevents such an attack.
We recommend that you do not turn off Office File Validation. Office File Validation is a key part of the layered defense strategy in Office 2013 and should be enabled on all computers throughout an organization. If you want to prevent files from being validated by the Office File Validation feature, we recommend that you use the Trusted Locations feature. Files that are opened from trusted locations skip Office File Validation checks. You can also use the Trusted Documents feature to prevent a file from being validated by Office File Validation. Files that are considered to be trusted documents do not undergo Office File Validation checks.
You can use the Set document behavior if file validation fails Group Policy setting to change how documents behave when they fail validation. When you enable this setting, you can select one of the following two options:
Block files Files that fail validation do not open in Protected View and users cannot open files for editing.
If you select the Open files in Protected View option, when a file fails validation, users see the following text in the Message Bar:
PROTECTED VIEW Office has detected a problem with this file. Click for more details.
If a user clicks the Message Bar, the Microsoft Office Backstage view appears, which provides a more lengthy description of the problem and lets users enable the file for editing.
Open files in Protected View Files open in Protected View so users can see the content of the file, but users cannot open files for editing. This option represents the default behavior of the Office File Validation feature.
If you select the Block files option, users see the following text in a dialog box when a file fails validation:
Office has detected a problem with this file. To help protect your computer this file cannot be opened.
Users can expand the dialog box and see a more detailed explanation of why the file does not open, or they can close the dialog box by selecting OK.
You can use the Turn off error reporting for files that fail file validation Group Policy setting to suppress the dialog box that prompts users to send information to Microsoft. This setting also prevents validation information from being sent to Microsoft.
Every time that a file fails validation, Office 2013 collects information about why the file failed validation. Approximately two weeks after a file fails validation, Office 2013 prompts users to send Office File Validation information to Microsoft. The validation information includes such things as the file types, file sizes, how long it took to open the files, and how long it took to validate the files. Copies of the files that failed validation are also sent to Microsoft. Users see the list of files when they are prompted to send validation information to Microsoft. Users can decline to send validation information to Microsoft, which means no information about failed validations is sent to Microsoft and no files are sent to Microsoft. If an organization restricts Internet access, has restrictive Internet access policies, or does not want files sent to Microsoft, you might have to enable the Turn off error reporting for files that fail file validation Group Policy setting.
|The Office File Validation feature can occasionally indicate that a file failed validation when in fact the file is valid. The validation reporting feature helps Microsoft improve the Office File Validation feature and minimize the occurrence of false positive results.|
|For the latest information about Group Policy settings, refer to the Office 2013 Administrative Template files (ADM, ADMX, ADML) and Office Customization Tool article.|