How to Fix Office File Validation Warnings After Installing Windows Updates

Today a user received this warning when opening an email: “Office File Validation detected a problem while trying to open this file. Opening it may be dangerous”. The error only occurred when the email he was opening was formatted as Rich Text (i.e. RTF file). The user’s email client is Microsoft Outlook 2003 and he has enabled the setting “Use Microsoft Office Word 2003 to read Rich Text e-mail messages”. After a bit of investigation, it seems that the error started occurring afterhe installed a Windows Update on May 8, 2012.

I reviewed the user’s update history and on that day he installed the following Windows Updates:

  • Security Update for Microsoft Office Excel 2003 (KB2597086)
  • Security Update for Microsoft Office 2003 (KB2598253)
  • Update for Microsoft Office Outlook 2003 Junk Email Filter (KB2598343)
  • Security Update for Microsoft Office 2003 (KB2597112)
  • Security Update for Microsoft Office Word 2003 (KB2598332)

After reading the description of each of the above updates, I believe the one that caused the error is “Security Update for Microsoft Office Word 2003 (KB2598332)”. That update addresses “Microsoft Security Bulletin MS12-029 – Critical Vulnerability in Microsoft Word Could Allow Remote Code Execution”. Here’s a brief summary of that Security Bulletin:

This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This security update is rated Critical for all supported editions of Microsoft Word 2007. This security update is also rated Important for all supported editions of Microsoft Word 2003, Microsoft Office 2008 for Mac, and Microsoft Office for Mac 2011; and all supported versions of Microsoft Office Compatibility Pack. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerabilities by modifying the way that Microsoft Office parses RTF-formatted data.

As you can see, the intention of the update was to fix that RTF vulnerability. However, in my user’s case, I believe the “Office File Validation” error was spurious and there was nothing sinister about the RTF emails he was trying to open. In other words, I think there is bug in the Windows Update (gee, that never happens…). I sent the user several simple and innocuous “Hello World” RTF emails and all of them generated the error message.

Until Microsoft fixes the bug, my only choice is to disable the Office File Validation feature for Word. Yes, I realize that could be potentially dangerous but it’s also dangerous to have annoyed users. Yup, it’s the whole “caught between a rock and a hard place” scenario. Unfortunately, Microsoft has a habit of putting IT administrators in that place time and time again. Sigh…

To disable the Office File Validation feature for Word, see the Microsoft Technet article, Office File Validation for Office 2003 and Office 2007. In that article, you’ll need to scroll down to the section that starts with “To prevent Office File Validation from validating files…”.

In a nutshell, you’ll first need to start regedit and create a registry key. The exact key name depends on the version of Office you have. In my user’s case, the key was:

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Word\Security\FileValidation

Inside that key, you’ll need to create a DWORD value named EnableOnLoad and set it to 0, which means “don’t validate”.

After setting that registry value, you’ll need to restart Outlook, then you should be able to open the RTF email without getting the spurious error message.

If this tip helped you, please leave a comment!

Be Sociable, Share!

    19 comments to How to Fix Office File Validation Warnings After Installing Windows Updates

    • Cheers, this pointed me in the right direction!

      I notice the Microsoft article you linked to mentions issues with files on a network drive on Excel 2003 after the patch was pushed out; I have the same issue with Word 2003 using a .dot (not even an RTF!), and all is fine after the registry patch.

      Hopefully a patch for the patch will be forthcoming…

    • Stuart

      I’m finding that this MS update is causing very slow loading for Word files across a network (using Word 2003). No problems with opening local files. Very similar to the problem that was introduced by Office File Validation with Excel files when it was pushed down by Windows update. Uninstalling KB2598332 fixes the problem

    • Jonzo

      Rolling back the patch works, but it depends on how keen your IT security people are on that approach.

      If you create a new EnableOnLoad DWORD as per http://technet.microsoft.com/en-us/library/gg985445%28v=office.12%29.aspx then you have a workaround, plus Windows Update / IS stop nagging you about it ;-)

    • Doh! I forgot to include the name of the registry DWORD value (EnableOnLoad) in my original post. I have now added it. Thanks Jonzo.

    • Stefan

      thank you very much you saved my evening!!!!!!!!!!

    • IT Support

      Shame MS didn’t test the service pack before release.

    • Jonzo

      I’m sure they did.. The update for Office 2007 works fine, but not for the product that they’d like to phase out ;-)

    • Karen

      Another way to “skin this cat” is to uncheck the Mail Format Option to use Word 2003 to read Rich Text messages on the affected clients – no registry edit required!

    • Karen, yes you are right although many users insist on using Word for this. Silly people!

    • Tito

      Hi, guys…
      The thing is I don’t have “HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Word\Security\FileValidation”

      There is Excel but not Word.

      No “12.0″ either….

      If I roll back the patch it’s back to normal.

    • Tito, you will probably have to add the registry keys and values manually if they aren’t there. I believe I had to. As for 11.0 vs 12.0 it depends on the version of Office you have. Use Help | About to get the version.

    • Tito

      Thank you Joe.

      I was about to do that but was wondering why it wasn’t there.

    • Tito

      Not working…

      I added the registry keys and values manually and it doesn’t change a thing…

    • Bob

      The registry modification works fine here for Word 2003 under XP.

      Already had the Enable on Load problem fixed for Excel and since the symptoms where pretty much the same, I tought I’d try the same for Word – your post confirmed the problem and solution!

    • Jonzo

      You may find that the key is actually at HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\FileValidation rather than the location specified.

    • Rob

      Karen’s comment (and Joe Kelly’s subsequent comment) helped me and easy too. All resolved. Thank you.

    • Zermelo

      Thanks, this worked great! Thanx.

    • JP

      Is there a setting that will disable this for all users and not just the Current User? I’ve got several shared PC’s that have this issue and changing the registry for each one is going to be a pain, unless I put something in their login script to make the registry change.

    • Chris

      Removing the check mark from use ‘Word’ to view Rich Text Messages worked wonders, and was so easy…
      Thank you Karen, Kudo’s!!! (°£°)