Memorise

Outlook blocked access to the following potentially unsafe attachments

You may receive an “Outlook blocked access to the following potentially unsafe attachments” message in Outlook

Advanced troubleshooting

If you do not use Outlook with an Exchange server or if the Exchange server administrator lets users change the Outlook attachment security behavior, use method 1: “Customize attachment security behavior.”

If you use Outlook with an Exchange server and the Exchange Server administrator has disallowed changes to the Outlook attachment security behavior, use method 2: “Configure Outlook in an Exchange environment.”

Method 1: Customize attachment security behavior

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

322756  How to back up and restore the registry in Windows

Important Before you can customize the attachment security behavior in Outlook 2000 SR1 and Microsoft Outlook 2000 SR1a, you must first apply either Microsoft Office 2000 Service Pack 2 or Microsoft Office 2000 Service Pack 3.

Follow these steps to modify the registry and change Outlook’s attachment security behavior.

  1. Exit Outlook if it is running.
  2. Click Start, and then click Run. Copy and paste (or type) the following command in the Open box, and then press ENTER:
    regedit
  3. Verify that the following registry key for your version of Outlook exists.
    Microsoft Office Outlook 2010

    HKEY_CURRENT_USERSoftwareMicrosoftOffice14.0OutlookSecurity

    Microsoft Office Outlook 2007

    HKEY_CURRENT_USERSoftwareMicrosoftOffice12.0OutlookSecurity

    Microsoft Office Outlook 2003

    HKEY_CURRENT_USERSoftwareMicrosoftOffice11.0OutlookSecurity

    Microsoft Outlook 2002

    HKEY_CURRENT_USERSoftwareMicrosoftOffice10.0OutlookSecurity

    Microsoft Outlook 2000

    HKEY_CURRENT_USERSoftwareMicrosoftOffice9.0OutlookSecurity

    If the registry key exists, go to step 5.

    If the registry key does not exist, follow these steps to create it:

    1. Locate, and then click the following registry key:
      HKEY_CURRENT_USERSoftwareMicrosoft
    2. Under Edit, click New, and then click Key.
    3. Type Office, and then press ENTER.
    4. Under Edit, click New, and then click Key.
    5. For Outlook 2010, type 14.0, and then press ENTER.
      For Outlook 2007, type 12.0, and then press ENTER.
      For Outlook 2003, type 11.0, and then press ENTER.
      For Outlook 2002, type 10.0, and then press ENTER.
      For Outlook 2000, type 9.0, and then press ENTER.
    6. Under Edit, click New, and then click Key.
    7. Type Outlook, and then press ENTER.
    8. Under Edit, click New, and then click Key.
    9. Type Security, and then press ENTER.
  4. Under Edit, click New, and then click String Value.
  5. Copy and paste (or type) the following name for the new value:
    Level1Remove
  6. Press ENTER.
  7. Right-click the new string value name, and then click Modify.
  8. Type the file name extension of the file type that you want to open in Outlook. For example:
    .exe

    To specify multiple file types, use the following format:

    .exe;.com
  9. Click OK.
  10. Exit Registry Editor.
  11. Restart your computer.

When you start Outlook, you can open the file types that you specified in the registry.

Note We recommend that you enable only the file types that you have to have. If you rarely receive a particular file type, we recommend that you give Outlook temporary access to the file type that is in question. Then, reconfigure Outlook to block the file type by undoing the changes to the registry. For more information about how you can configure Outlook to block attachment file name extensions that Outlook does not block by default, click the following article number to view the article in the Microsoft Knowledge Base:

837388   How to configure Outlook to block additional attachment file name extensions

Method 2: Configure Outlook in an Exchange environment

If you run Outlook in an Exchange environment, the Exchange server administrator can change the default attachment security behavior. For more information about how to configure Outlook in an Exchange environment, click the following article numbers to view the articles in the Microsoft Knowledge Base:

290499  Administrator information about e-mail security features
263297  Administrator information about the Outlook E-mail Security update: June 7, 2000
Back to the top

Attachment Behavior

Attachments are divided into three groups based on their file name extension or file type. Outlook handles each group in a specific way.

Level 1 (Unsafe)

The unsafe category represents any file name extension that may have script or code associated with it. You cannot open any attachment that has an unsafe file name extension. For a list of the unsafe file name extensions, visit the following Microsoft Web site:

http://office.microsoft.com/en-us/outlook/HA012299521033.aspx

The following list describes how Outlook behaves when you receive or send an unsafe file attachment:

  • You cannot save, delete, open, print, or otherwise work with unsafe files. A message at the top of the e-mail message indicates that Outlook has blocked access to the unsafe attachment. The attachment is inaccessible from Outlook. However, the attachment is not actually removed from the e-mail message.
  • If you forward an e-mail message that has an unsafe attachment, the attachment is not included in the forwarded e-mail message.
  • If you send an e-mail message that contains an unsafe attachment, you receive a warning message that states that other Outlook recipients may be unable to access the attachment that you are trying to send. You can safely ignore the warning message and send the e-mail message, or you can decide not to send the e-mail message.
  • In Outlook 2003, if you save or close an e-mail message that contains an unsafe attachment, you receive a warning message that states that you will be unable to open the attachment. You can override the warning message and save the e-mail message.
  • You cannot use the Insert Object command to open objects that are inserted in Microsoft Outlook Rich Text e-mail messages. You see a visual representation of the object. However, you cannot open or enable the object in the e-mail message.
  • You cannot open unsafe files that are stored in an Outlook or an Exchange folder. Although these files are not attached to an Outlook item, they are still considered unsafe. When you try to open the unsafe file, you receive the following error message:
    Can’t open the item. Outlook blocked access to this potentially unsafe item.

Level 2

Level 2 files are not unsafe. However, they do require more security than other attachments. When you receive a Level 2 attachment, Outlook prompts you to save the attachment to a disk. You cannot open the attachment in the e-mail message. By default, file name extensions are not associated with this group. However, if you use Outlook with an Exchange server and your mail is delivered to an Exchange mailbox, the Exchange server administrator can add file name extensions to the Level 2 list.

Other Attachments

When you try to open an attachment that has a file name extension other than those in the Level 1 or the Level 2 list, Outlook prompts you to either open the file directly or save it to a disk. You can turn off future prompts for that file name extension if you clear the Always ask before opening this type of file check box.

Note If a program associates itself with a new file name extension, Outlook treats that file name extension as safe until you add the file name extension to the list of Level 1 or Level 2 file name extensions.

For example, if you install a program on your computer that uses files that have a .xyz file name extension, when you open an attachment that has a .xyz file name extension, the program opens and runs the attachment. By default, the .xyz file name extension does not appear on the Level 1 or the Level 2 list. Therefore, Outlook treats it as a safe file name extension. If you want Outlook to treat attachments that have the .xyz file name extension as unsafe, you must add the .xyz file name extension to the list of Level 1 file name extensions.


Categorised as: Microsoft


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.