Office File Validation for Office 2007 SP3
Updated: October 24, 2011
Applies To: Office Resource Kit
This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.
Topic Last Modified: 2016-11-14
Two updated error messages for the Office File Validation feature in Office 2007 SP3 now provide more detailed information and options. You will encounter these messages if you attempt to open files that are stored in Office binary file formats and if the files do not pass scanning and validation checks.
Office binary file formats are also known as Microsoft Office 97-2003 file formats.
One of these messages offers you safer ways of opening the file. The other tells you that you cannot open the file at all.
Security Alert – Office File Validation - Help protect your computer with these safer options:
If you received this error message: ““WARNING: Office File Validation detected a problem while trying to open this file. Opening this is probably dangerous, and may allow a malicious user to take over your computer,”” you can click the safer options link and then use one of the following options:
View the file in Office 2010 by using Protected View
Use the Microsoft Office Isolated Conversion Environment (MOICE) feature
Open the file inside a virtual machine
Use Office 2010 Protected View
Protected View is a new security feature in Office 2010 that helps mitigate exploits to your computer by opening files in a restricted environment so they can be examined before they are opened for editing. When a file is opened in Protected View, users can view the file content but they cannot edit, save, or print it. Active file content is not enabled. This includes ActiveX controls, add-ins, database connections, hyperlinks, and Visual Basic for Applications (VBA) macros. However, users can copy content from the files and paste it into other documents. For more information about Protected View in Office 2010 see the TechNet article, Plan Protected View settings for Office 2010.
You can use the Microsoft Office Isolated Conversion Environment (MOICE) feature that is added to the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 file formats to more securely open Office binary format files. MOICE uses the 2007 Microsoft Office system converters to convert the Office binary format files into the Office Open XML format. This process helps remove the potential threat that may exist if the document is opened in the binary format. Additionally, MOICE converts incoming files in an isolated environment. This helps protect the computer from a potential threat. For download and installation instructions about MOICE see the Microsoft Support article, Description of the Microsoft Office Isolated Conversion Environment update for the Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Use an isolated virtual machine
You can use an isolated (not connected to the network) virtual machine to open the file. However, if there is malware in the file that did not pass the Office File Validation scanning and validation checks, the virtual machine may be affected by the malware. If this is the case, you may either have to remove the malware or, if it is necessary, rebuild the virtual machine. Rebuilding a virtual machine is fairly easy compared to rebuilding the actual computer. For more information about virtual machines see the TechNet article, Desktop Virtualization.
Security Alert – Office File Validation – file cannot be opened
If you received this error message: ““Warning: Office File Validation detected a problem while trying to open this file. For security reasons this file cannot be opened,”” the file that you tried to open could be considered compromised. You cannot open the file because your system administrator set a policy to help prevent unknown binary file format attacks against Microsoft Office 97-2003 file formats. For possible options of viewing and opening this document contact your system administrator.