Office 2003 SP3 Legacy File Formats Disabled


This is a public service announcement that by installing Office 2003 SP3, the ability to open and save older legacy file formats will be blocked.  The reason for this decision is strictly for security reasons.  Some older file formats including some from Microsoft are insecure and do not satisfy new attack vectors that hackers can use to execute malicious code.  The decision to block the formats is strictly to protect your machine from being compromised.


If you need instructions to re-enable certain file formats, please read this article KB 938810.  It involves registry modifications so, as usual, backup your registry before altering.


I would personally convert your documents to OpenXML by using the Office Compatibilty Pack for Office XP,2000,2003.  If you need to batch convert ALL of your files to the new format, Microsoft provides an easy to use command-line tool for IT administrators called Office Migration Planning Manager (OMPM).  Here is my earlier blog post referencing OMPM. OMPM is great because if doesn’t overwrite the original files at all, it simply makes a copy of the file in the new file format so there is no risk!


Formats Disabled



The following table contains the DWORD names and the corresponding file formats that are blocked by using the FileOpenBlock subkey.


LotusandQuattroFiles
.wk1, .wk4, .wj3, wk1 FMT, .wks, .wk3, wk3 FM3, .wj2, .wq1, .fm3, .wj1


DifandSylkFiles
.dif, .slk


FilesBeforePowerPoint97
This policy will prevent the saving of files that are older than PowerPoint 97 and that have file formats such as .ppt, .pot, .pps, and .ppa.


FilesBeforeVersion
All Word files that have an nFib value that is less than the minimum nFib value as set by an administrator



The following table contains the DWORD names and the corresponding file formats that are blocked by using the FileSaveBlock subkey.


Converters
This policy prevents PowerPoint presentations that are in a format that is older than the Microsoft PowerPoint 97 file format from being opened. These presentations are saved by using file formats such as .ppt, .pot, .pps, and .ppa.


 To enable these file formats, use one of the following methods.


*UPDATE* Read my follow-up article detailing some of the finer criticisms in this post. 


http://blogs.technet.com/tarpara/archive/2008/01/07/office-2003-sp3-the-facts-and-fiction.aspx


Downloads


Office Compatibility Pack


Office Migration Planning Manager (OMPM) – download link for tools


*updated* – documentation link on download page is broken.  Use link below for guide.


Office Migration Planning Manager (OMPM) – Documentation

Comments (20)

  1. Anonymous says:

    Сьогодні прочитав що SP3 до Office 2003 заблокує формати doc, xls та ppt! Сказати більше нічого, отже

  2. Anonymous says:

    Actually, SP1 will reduce the UAC "Are you sure prompts" by a factor of 4:1 compared to RTM.  And just on that note, the average information worker will almost never get a UAC prompt after 2-3 weeks.  This is because UAC remembers whats okay and whats not.  My guess is that power-users like me will get around 8 or 9 UAC prompts a week because I’m executing administrative tasks while using my account for standard uses.  Its only like the Apple commercials if you’re not following best practices.  That said, I’m pretty sure they will improve UAC over the next few service packs because no one is saying that it is ideal.

    Now on to your more idiotic trolling comment. When was the last time you opened a pre-office97 file?  When was the last time you opened a Quattro file?  I never did in my life.  In the off chance you need it, you have a way to do it.  An "are you sure" prompt is not a safe way to deal with document files.  

    OpenXML is free to use outlined with the conditions in the Open Specification Promise by Microsoft.  You DO NOT have to license Office 2007 to use OpenXML.  It works with previous versions of Office as well as OpenOffice, NeoOffice, Google Apps, iWork suite, AbiWord…etc.  Between Microsoft Office, Apple Pages, Corel, Novell OpenOffice, NeoOffice, you have 99.999% of the market.  Did you even read my article?

    How many iterations of ODF will it take to reach maturity as a file format specification? 1.2, 1.3, 1.4, 1.5?  Do know how much time for standardization this is going to involve?  OpenXML is orders of magnitudes more mature.  And people are implementing fully this very moment.

    To close this comment, how can you trust a format whose committee has stated supporting older documents is outside of the scope of the spec?  Universal document formats must, by design, be able to faithfully retain the document in its original form as accepted by laws contract or otherwise.  What will happen 10 years from now when you have ODF and a million of older documents like legal documents saved in WordPerfect that need to run through automated workflows?…Oh sorry, you won’t be able to easily because ODF cannot maintain integrity across formats and systems can’t define workflow around binary formats which are essentially memory-dumps.  At the end of the day, you’re an idiot if you don’t convert your documents to either ODF or OpenXML.  XML is the key because this format war is NOT about the desktop, or information workers, or the consumers.  It is about the massive mainframes, servers and line of business applications that will parse the XML and use the content for AUTOMATION and workflow.  There are only two major companies that have a vested interest in this war, Microsoft and IBM, and IBM is making a fool of the world.

  3. Anonymous says:

    Hi Embee,

    if you check the resources linked below, you will find a very easy way to unblock the formats.

    http://blogs.technet.com/tarpara/archive/2008/01/07/office-2003-sp3-the-facts-and-fiction.aspx

    As written in the linked blog post, we could have handled the notification of format blocking in a more elegant manor, as such Microsoft’s apologizes for the inconvenience.  

    However, with regard to your comment about upgrading, you are so far off the mark it is irresponsible as an IT professional.  Real people do upgrade their software because they gain new feature sets and benefits such as document compatibility, but also consumers benefit from improve security of the product.  All software has bugs and like most engineering processes, improvements are made iteratively.

    Chances are your wife probably doesn’t have an elegant backup policy.  She would likely be in the majority with the rest of the world.  This should not mean that people who value their system integrity and data safety should be penalized because "real people" don’t have time be bothered with protecting themselves against real threats.

    What I will tell you is that, this whole argument will soon be a thing of the past as computing moves to the cloud with services like Google Apps, Zoho, Office Live and the next-generation of Office.  I would agree with the sentiment that normal end-users shouldn’t have to be burdened with backing up and archiving their documents and managing compatibility.  I would agree that things should just work.  The reality is that this won’t be happening until cloud computing is ubiquitous.

  4. Anonymous says:

    People think digital data should be left alone and supported for decades.  Anyone who is even remotely familiar with the concept of archiving, not backup, archiving, understands thats legacy digital content is no different from analog media such as film and records.

    Ask the guys at the Smithsonian Institute how much care and methodolology they have in place in archiving content.  Similarly ODF and and OpenXML will not have the same issues as the previous document formats because at the end of the day they are just plain text and protected against issues that older binary formats had.

    For a guy who claims to have 15 years of enterprise experience, your article sure is sensationalist garbage.  I particularly like your quote around “A Dead PC is a Safe PC — Says Microsoft.”  That supporting article makes me believe that you don’t even bother reading the entire KB articles you quote as any competant IT administrator would.  You attitude is disingenious at best and I feel sorry for your readers.

    Disingenious Article: http://www.zoliblog.com/2008/01/03/microsoft-decides-you-dont-need-your-old-data/

  5. Anonymous says:

    What turned out to be a relatively simple security service pack for an end-of-life version of Office

  6. Anonymous says:

    OpenOffice is one solution but by the time you install it, run it, run out of memory, restart machine, open the file an IT admin could’ve pushed out a registry patch to 2000 machines via SMS :p

    I have no problem paying less than $1 a day for improved productivity with MS Office.  I spend more on beer.  I wish there was open-source beer.

  7. Anonymous says:

    I am in agreement with everything that David and Reed have said.  I am actually posting my rebuttal.  My original post was simply bringing attention to the situation, I was not passing an opinion.  My original post was simply a paraphrasing of a convoluted KB article.  

    As for the smokescreen, you act as if this is some deliberate attempt to justify my post.  Let me be clear, the original post was intended to notify IT pros.

  8. Anonymous says:

    Thanks for letting me know about the broken link, i’ve updated my blog post and will notify the KB page owner.

    Regarding your question, I misunderstood and thought you were talking about the original file.  I’m actually trying to find out the answer myself because I’m pretty sure the timestamp DOES change on the converted file.  

    Here are my thoughts on the issue though:

    1. Why do you need the last-modified timestamp?  If you are using it for archival reasons, this definately not ideal and would definately not satisfy most industry,state,federal, or company regulations for archival as the the timestamp can easily be changed artificially.

    2.  Certain laws like Sarbanes-Oxley would require you by law to maintain certain files on a WORM (write once read many) drive so that they are not altered.  Depending on the age of your files, the law may or maynot apply.  I would recommend consulting your legal advisor regarding appropriate data retention policies and determining if the ORIGINAL file must be kept or can be "converted."

    3.If you are using the filesystem timestamp as part of some mission-critical workflow, then I would highly recommend you use a database or content management system with checkin/checkout capabilities instead.  Doing this puts a much needed abstraction layer that protects against arbitrary changes to the timestamp.  It is just a more secure way to do it.

    Finally, if after all that you need to maintain your timestamp, here is some VB6 code that can be modified to script out your needs.  It uses some Windows APIs to change the stamp.

    http://www.freevbcode.com/ShowCode.Asp?ID=1335

    The link above links to some VB6 code that you can use to create script/applet to change filestamps.

    AND if that is too complicated, you can try this utility which claims to have batch processing capabilities, thought I haven’t tried it.

    http://thinkabdul.com/2007/07/06/attribute-changer-for-windows-xp-vista-free-utility-to-changemodify-date-timestamp-system-compression-attributes-of-files-folders-from-context-menu/

  9. Anonymous says:

    Still having issues post Office 2003 sp3? – The Official Blog of the SBS "Diva":

    http://msmvps.com/blogs/bradley/archive/2007/11/28/still-having-issues-post-office-2003-sp3.aspx

    Just use the registry key fix.

    (and why does your blog sometimes launch me to a skydrive?)

    Legacy business applications may spit out older versions of documents that we use in our daily lives.  Trust me, it is an issue that we are seeing out here and for standalone home users, the KB articles that originally came out were ridiculous.  Don’t make security so hard that people will stop downloading patches and service packs.

  10. WhyEveryOneHatesMS says:

    This is why EVERYBODY hates MS — convert it to OpenXML is the answer, how convenient for MS that you’ll have to license a newer version of one of their products.  MS has NO problem inserting countless "Are you sure?" prompts, but not for these supposedly "dangerous" file formats.  The file formats aren’t dangerous, the program opening them is (Office 2003).

  11. Dave says:

    Simple solution – just install and use

    openoffice.org.  Problems solved!

  12. Dan_IT says:

    *I spend more on beer.  I wish there was open-source beer.*

    http://news.bbc.co.uk/2/hi/technology/4718719.stm

    Hey, maybe if MS can claim some beer patents and spread some beer FUD, they can monopolize that market too!  

    It’s not just about MS vs IBM. Sure, IBM might not be saintly, ODF might not be perfect, but MS has a long history of squelching innovation whenever it has a leg up.  Anyone who remembers the history of Java, or who has tried to code for the web over the last few years realizes that.  With Ballmer’s BS statements on Linux patents, with MS’s behavior in the past regarding file formats, and with this current move, it’s difficult to believe that MS truly has the welfare of its customers as a priority. I’d rather see MS be forced to play on a level playing field so that innovation can also come from companies that are not partners with MS, and yet not at an unfair disadvantage because they are not partners.  I do think that MS did a great job innovating in the latest version of Office; don’t get me wrong.  And I know that there are a few legitimate benefits to OOXML.  Nevertheless, in the long terms, I think that the consumer will benefit the most when MS has to play on the same playing field as every one else, using the much more openly-created standard of ODF.  MS just doesn’t have a trustworthy enough track record to believe that they will play fair with consumers in the future.

  13. editor@zoliblog.com says:

    Congratulations, calling your readers idiots is the way to go for an Evangelist!

  14. John says:

    "How many iterations of ODF will it take to reach maturity as a file format specification? 1.2, 1.3, 1.4, 1.5?  Do know how much time for standardization this is going to involve?  OpenXML is orders of magnitudes more mature."

    What are you talking about, ODF is a mature specification, that is why it is the ISO standard and OpenXML is not.

  15. fzz says:

    Other Microsoft employees (David LeBlanc, Reed Shaffner) have admitted that this SP3 behavior was a mistake, at least in terms of wording (it’s not the file formats that are unsafe, it’s the extremely old code in Office used to open files in those formats that’s insecure) and in terms of delivery (silently ELIMINATING funtionality was at best ill-considered).

    As for pre-Office 97 file formats, one applications I use at work is based on a product called FormulaOne, and it generates intermediate files in Excel 5/95 .XLS format, so I work with files in that pre-Excel 97 .XLS format several times a week. Good thing SP3 didn’t block any .XLS file formats even though the Excel 5/95 file format can contain many more kinds of nastiness than any of the blocked Lotus and Quattro Pro file formats with the possible exception of the Lotus .WK4 file format. So much for claiming security as a justification.

    But thanks for the easily seen through smokescreen. Even before your posting it was obvious that Microsoft is trying to push users/businesses into  more rapidly upgrading to Office 2007. Since Office 2007 doesn’t support the non-Microsoft file formats blocked by SP3 AT ALL, it sure looks like someone in Microsoft thought it’d be a good idea to remove the perception that upgrading from Office 2003 to Office 2007 would reduce some functionality, so they did so in typical Microsoft fashion.

    As for practicality and archiving, many companies leave archiving files up to individual departments, and those departments have libraries of CDs or DVDs containing archived files, and many times those archives are stored off site. Without IT department access to these disks, batch conversion is impractical at best.

    Fortunately where I work, archival of important document involves scanned images rather than any Office document formats (we’re smart enough to avoid .MDI format), and there are several FOSS viewers for common image file formats. So, yes, we’re likely to be able to view and print such archived documents for decades no matter what shenanigans Microsoft gets up to.

  16. alok says:

    I like to maintain the last file-modification dates of various files.  Conversion to new format (while the batch conversion solution leaves the original files intact) does not solve this problem since a lot of hard-drive space would be wasted if the original files are maintained just to maintain the date (besides, that will become a maintenance mightmare by itself).

  17. Viral Tarpara says:

    Actually converting them DOES NOT erase file attributes except for “last accessed” date.  I wish people would read instead of assuming.

    How the OMPM File Scanner works

    The OMPM File Scanner gathers information about the computer and recursively scans the designated path for Office files. The OMPM File Scanner then records the results in an XML log file to the designated destination path.

    The OMPM File Scanner performs the following tasks in a single scan:

    • Scans the computer for Office files within the folder structure defined by the SourcePath specified in the configuration file offscan.ini.

    • Scans the computer for properties such as operating system, memory, and language ID.

    • Scans for file property information such as file name, path, size, format, created date, modified date, and file owner.

    • If this is a deep scan, scans for compatibility issues.

    • Writes an XML log file to the destination path for each file that contains compatibility issues.

    • Adds the XML log files to a series of CAB files for later transfer to a SQL Server.

    • Logs failures to the XML log files.

     Note:  

    <b> The OMPM File Scanner does not change file properties, except possibly Last Accessed Date.

    /<b>

     Note:  

    The OMPM File Scanner does not transmit data to Microsoft Corporation.

  18. alok says:

    >> Actually converting them DOES NOT erase file attributes except for "last accessed" date.

    I am confused.  When OMPM writes the document in the new format, will the "new" file bear the date of the original file?!  If not, let me explain again what I meant:

    Say I have a file in old format, last modified on Jan 1, 1990.  I use OMPM to convert to the new file format.  The old file still has last-modified stamp for Jan 1, 1990, but the new file (as I understand) would have the current date.  Once done converting,
    I would not want to maintain the old file just to keep a record of its last-modified date!

    If I am still getting it wrong, please help me find more documentation on OMPM.  The link to more details (*) on OMPM on Microsoft’s OMPM download page (**) does not work.

    *
    http://technet2.microsoft.com/Office/en-us/library/d8f318d4-84ea-4d3e-8918-ea8dacd14f7e1033.mspx?mfr=true

    **
    http://www.microsoft.com/downloads/details.aspx?familyid=13580cd7-a8bc-40ef-8281-dd2c325a5a81&displaylang=en

  19. embee says:

    This is obnoxious because thousands of documents are saved in "legacy" file formats and must be accessible on demand.

    Real people with real jobs and real lives do not have time to sit around converting documents to improve Microsoft’s sales numbers. Real people do not need to "upgrade" their programs when the old version works just fine and they have neither the time nor the inclination to address the learning curves.

    Real people use computers as tools in their lives and do not appreciate unnecessary and obnoxious obstructions. My own wife is not a lover of computers. I had to reinstall MS Office on her computer so she could access years of research documents and her Ph.D. thesis. She is too busy to learn a new program, so I can’t steer her to Open Office. She will never buy another Microsoft program. She is the norm.

    I do IT support work and I will make money from this, but it is just one more reason to steer clients away from Microsoft products. Making money isn’t everything, though Microsoft management would not agree.