Allowing potentially dangerous attachments in Outlook

This content is 20 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

I’ve come up against this one before, but as its something I’ve had to look up on a few occasions, I thought I’d post it up here. You know the problem – someone e-mails you a useful script and Outlook blocks access to it; and rightly so as we have no real way of telling if the attachment could be malicious.

If you trust the sender and are sure you need to access the attachment, there is a quick registry hack you can employ:

  1. Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security\ (for Outlook 2003 – change 11.0 to 10.0 for Outlook 2002 or 9.0 for Outlook 2000).
  2. Add a new String Value called Level1Remove and add a semicolon-delimited list of file extensions to be allowed, e.g. .bat;.cmd;.com;.exe;.vbs.
  3. Restart Outlook and the offending attachments will be accessible.

Remember that this is disabling a security feature, so only enable potentially dangerous attachment types as an emergency workaround and remove the Level1Remove value once complete.

More details may be found in Microsoft knowledge base article 829982.

One thought on “Allowing potentially dangerous attachments in Outlook

  1. I wasn’t sure whether you were aware of this tool, that is a COM add-in that does it all for you. Of course the same danger is there, but it’s perhaps easier than hacking the registry everytime you need to get at an exe ;)

    Stuart

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.