Applies ToOffice Home and Business 2016 Office Home and Business 2016 Office Home and Student 2016 Office Home and Student 2016 Office Professional 2016 Office Professional 2016 Office Professional 2016 Office Professional Plus 2016 Office Standard 2016 Office Home and Business 2010 Office Home and Student 2010 Office Professional 2010 Office Professional Academic 2010 Office Professional Plus 2010 Office Standard 2010 Office Starter 2010 Access 2010 Excel 2010 Microsoft OneNote 2010 PowerPoint 2010 Publisher 2010 SharePoint Designer 2010 Microsoft Word 2010 Office Home and Student 2013 Office Professional 2013 Office Professional Plus 2013 Office Standard 2013 Office Professional Plus 2013 Home Use Program

Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect the computer.

Introduction

Beginning in Microsoft Security Advisory MS10-105, the security update that is described in the security advisory lets users and administrators control when and how Microsoft Office loads images in Office programs by setting the "Allow List" in the registry.For more information about Microsoft Security Advisory MS10-105, click the following article number to go to the article in the Microsoft Knowledge Base:

968095 MS10-105: Vulnerability in Microsoft Office could allow for remote code executionThe security update applies to the Microsoft Access, Microsoft Excel, Microsoft FrontPage, Microsoft OneNote, Microsoft PowerPoint, Microsoft Publisher, and Microsoft Word programs that are listed in the "Applies to" section.By default, the following graphic filters are enabled and do not require a registry subkey change after you apply the security update:

  • Bitmap (.bmp)

  • Graphics Interchange Format (.gif)

  • Joint Photographic Experts Group (.jpg, .jpeg)

  • Macintosh PICT (.pict)

  • Portable Network Graphics (.png)

File information

Latest version numbers for the graphic filters

The following table lists the latest version numbers for the graphic filters together with the Microsoft Office versions to which they apply.Note This table lists the English file versions only.

Type

Description

File included in Office 2016 and Office 365

File included in Office 2013

File included in Office 2010

File included in the 2007 Office system

BMP

BMPIM32.FLT

CDR

CDRIMP32.FLT

CGM

CGMIMP32.FLT

2010.1400.4740.1000

2006.1200.4518.1000

EPS

EPSIMP32.FLT

2012.1600.4309.1000

2012.1500.4420.1023

2010.1400.4740.1000

2006.1200.4518.1000

GIF

GIFIMP32.FLT

2012.1600.4266.1001

2012.1500.4420.1023

JPG

JPEGIM32.FLT

2012.1600.4333.1000

2012.1500.4420.1023

PCD

PCDIMP32.FLT

PICT

PICTIM32.FLT

2012.1600.4266.1001

2012.1500.4420.1023

2010.1400.4740.1000

2006.1200.4518.1000

PNG

PNG32.FLT

2012.1600.4333.1000

2012.1500.4420.1023

WPG

WPGIMP32.FLT

2012.1600.4266.1001

2012.1500.4420.1023

2010.1400.4740.1000

2006.1200.4518.1000

FPX

FPX32.FLT

PCD

PCDIMP32.FLT

PCX

PCXIMP32.FLT

TIFF

TIFFIM32.FLT

WMF

WMFIMP32.FLT

More Information

How to enable the graphics filter "Allow List"

Warning This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround, but we are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.The "Allow List" and the enabled graphic filters can be set manually for a single computer or by using a Group Policy setting.The graphic filters that you have to enable must be added to the following registry subkeys:

For a single computer:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\Security\AllowLists\GraphicsFilterImportFor a single computer that is running a 64-bit operating system:HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Security\AllowLists\GraphicsFilterImportFor a Group Policy setting:HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Office\Common\Security\AllowLists\GraphicsFilterImportTo enable the "Allow List" for graphic filters, the AllowListEnabled value must be set to 1. To disable the "Allow List," the AllowListEnabled value must be set to 0.Note If the AllowListEnabled value does not exist, you must create it as a REG_DWORD type.When the AllowListEnabled value is enabled, you can specify the list of graphic filters to enable by adding the graphic filters as a string value that has the name FILTER.FLT (where FILTER.FLT is replaced by the actual name of the filter) together with the version number of the filter. The filter version number must use the following format:

XXXX.YYYY.ZZZZ.WWWWNote When you set the AllowListEnabled value to 1, the default list of enabled graphic filters is removed. To re-enable the default graphic filters and add the CGMIMP32.FLT graphic filter, you must specify the filters in the "Allow List."The following table shows an example of the "Allow List":

Name

Type

Data

(Default)

REG_SZ

(value not set)

AllowListEnabled

REG_DWORD

0x00000001 (1)

EPSIMP32.FLT

REG_SZ

2012.1600.4309.1000

GIFIMP32.FLT

REG_SZ

2012.1600.4266.1001

JPEGIM32.FLT

REG_SZ

2012.1600.4333.1000

PICTIM32.FLT

REG_SZ

2012.1600.4266.1001

PNG32.FLT

REG_SZ

2012.1600.4333.1000
Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders