Security settings for graphic filters for Microsoft Office 2010, the 2007 Microsoft Office system, Microsoft Office 2003, and Microsoft Office XP

Article translations Article translations
Article ID: 2479871 - View products that this article applies to.

Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect the computer.
Expand all | Collapse all

On This Page

Introduction

Beginning in Microsoft Security Advisory MS10-105, the security update that is described in the security advisory lets users and administrators control when and how Microsoft Office loads images in Office programs by setting the "Allow List" in the registry.

For more information about Microsoft Security Advisory MS10-105, click the following article number to view the article in the Microsoft Knowledge Base:
968095 MS10-105: Vulnerability in Microsoft Office could allow for remote code execution
The security update applies to the Microsoft Access, Microsoft Excel, Microsoft FrontPage, Microsoft OneNote, Microsoft PowerPoint, Microsoft Publisher, and Microsoft Word programs that are listed in the "Applies to" section.

By default, the following graphic filters are enabled and do not require a registry subkey change after you apply the security update:
  • Bitmap (.bmp)
  • Encapsulated PostScript (.eps)
  • Graphics Interchange Format (.gif)
  • Joint Photographic Experts Group (.jpg, .jpeg)
  • Macintosh PICT (.pict)
  • Portable Network Graphics (.png)


MORE INFORMATION

Latest version numbers for the graphic filters

The following table lists the latest version numbers for the graphic filters together with the Microsoft Office version to which they apply.

Note This table lists the English file versions only.

Collapse this tableExpand this table
TypeDescriptionFile included in Office 2010File included in the 2007 Office systemFile included in Office 2003File included in Office XP
BMPBMPIM32.FLT2003.1100.8327.0
CDRCDRIMP32.FLT2003.1100.8169.02003.1100.5531.0
CGMCGMIMP32.FLT2006.1200.4518.10002006.1200.4518.10002003.1100.8249.02003.1100.8249.0
EPSEPSIMP32.FLT2006.1200.4518.10002006.1200.4518.10002003.1100.8314.02003.1100.8314.0
GIFGIFIMP32.FLT2003.1100.8327.02003.1100.8327.0
JPGJPEGIM32.FLT2003.1100.8327.02003.1100.8327.0
PCDPCDIMP32.FLT2003.1100.5510.0
PICTPICTIM32.FLT2006.1200.4518.10002006.1200.4518.10002003.1100.8249.02003.1100.8249.0
PNGPNG32.FLT2003.1100.8329.02003.1100.8329.0
WPGWPGIMP32.FLT2006.1200.4518.10002006.1200.4518.10002003.1100.8202.02003.1100.8202.0
FPXFPX32.FLT2.0.0.8152
PCDPCDIMP32.FLT2003.1100.5510.0
PCXPCXIMP32.FLT2000.10.2.0
TIFFTIFFIM32.FLT2000.10.25.0
WMFWMFIMP32.FLT1995.4.3.0

How to enable the graphics filter "Allow List"

Warning This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

The "Allow List" and the enabled graphic filters can be set manually for a single computer or by using a Group Policy setting.

The graphic filters that you need to enable must be added to the following registry subkeys:
For a single computer:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\Security\AllowLists\GraphicsFilterImport

For a single computer that is running a 64-bit operating system:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Security\AllowLists\GraphicsFilterImport

For a Group Policy setting:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Office\Common\Security\AllowLists\GraphicsFilterImport

To enable the "Allow List" for graphic filters, the AllowListEnabled value must be set to 1. To disable the "Allow List," the AllowListEnabled value must be set to 0.

Note If the AllowListEnabled value does not exist, you must create it as a REG_DWORD type.

When the AllowListEnabled value is enabled, you can specify the list of graphic filters to enable by adding the graphic filters as a string value with the name FILTER.FLT (where FILTER.FLT is replaced with the actual name of the filter) together with the version number of the filter. The filter version number must use the following format:
XXXX.YYYY.ZZZZ.W

Note When you set the AllowListEnabled value to 1, the default list of enabled graphic filters is removed. To re-enable the default graphic filters and add the CGMIMP32.FLT graphic filter, you must specify them in the "Allow List."

The following table shows an example of the "Allow List" that contains the default graphic filters together with the CGMIMP32.FLT graphic filter:

Collapse this tableExpand this table
NameTypeData
(Default)REG_SZ(value not set)
AllowListEnabledREG_DWORD0x00000001 (1)
CGMIMP32.FLTREG_SZ2003.1100.8249.0
EPSIMP32.FLTREG_SZ2003.1100.8314.0
GIFIMP32.FLTREG_SZ2003.1100.8327.0
JPEGIM32.FLTREG_SZ2003.1100.8327.0
PICTIM32.FLTREG_SZ2003.1100.8249.0
PNG32.FLTREG_SZ2003.1100.8329.0

Properties

Article ID: 2479871 - Last Review: August 26, 2011 - Revision: 2.4
APPLIES TO
  • Microsoft Office Home and Business 2010
  • Microsoft Office Home and Student 2010
  • Microsoft Office Professional 2010
  • Microsoft Office Professional Academic 2010
  • Microsoft Office Professional Plus 2010
  • Microsoft Office Standard 2010
  • Microsoft Office Starter 2010
  • Microsoft Access 2010
  • Microsoft Excel 2010
  • Microsoft OneNote 2010
  • Microsoft PowerPoint 2010
  • Microsoft Publisher 2010
  • Microsoft SharePoint Designer 2010
  • Microsoft Word 2010
  • 2007 Microsoft Office Suite Service Pack 2
  • Microsoft Office Basic 2007
  • Microsoft Office Enterprise 2007
  • Microsoft Office Home and Student 2007
  • Microsoft Office Standard 2007
  • Microsoft Office Small Business 2007
  • Microsoft Office Ultimate 2007
  • Microsoft Office Professional 2007
  • Microsoft Office Professional Plus 2007
  • Microsoft Office Access 2007
  • Microsoft Office Excel 2007
  • Microsoft Office OneNote 2007
  • Microsoft Office Publisher 2007
  • Microsoft Office PowerPoint 2007
  • Microsoft Office SharePoint Designer 2007
  • Microsoft Office Word 2007
  • Microsoft Office 2003 Service Pack 2
  • Microsoft Office Basic Edition 2003
  • Microsoft Office Professional Edition 2003
  • Microsoft Office Professional Enterprise Edition 2003
  • Microsoft Office Small Business Edition 2003
  • Microsoft Office Standard Edition 2003
  • Microsoft Office Student and Teacher Edition 2003
  • Microsoft Office Access 2003
  • Microsoft Office Excel 2003
  • Microsoft Office FrontPage 2003
  • Microsoft Office OneNote 2003
  • Microsoft Office PowerPoint 2003
  • Microsoft Office Publisher 2003
  • Microsoft Office Word 2003
  • Microsoft Office XP Developer Edition
  • Microsoft Office XP Professional Edition
  • Microsoft Office XP Small Business Edition
  • Microsoft Office XP Standard Edition
  • Microsoft Office XP Standard Edition for Students and Teachers
  • Microsoft Access 2002 Standard Edition
  • Microsoft Excel 2002 Standard Edition
  • Microsoft FrontPage 2002 Standard Edition
  • Microsoft PowerPoint 2002 Standard Edition
  • Microsoft Publisher 2002 Standard Edition
  • Microsoft Word 2002
Keywords: 
kbsecvulnerability kbsecurity kbsecbulletin kbfix kbexpertiseinter kbbug KB2479871

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com