If you use Group Policy, always set the "Set Default File Block Behavior" policy. This determines whether the user sees an error message, a warning, or a silent failure. The worst thing you can do is block a file type without a clear error message—your helpdesk will drown in "corrupted file" tickets. The "Open Anyway" Loophole (And Why You Should Close It) By default, when a file is blocked by these settings, the user gets a message and no option to override . However, older versions of Office (2010/2013) had a checkbox: "Do not show this message again and allow me to open."
We often talk about macros, add-ins, and ActiveX controls when discussing Office security. But lurking just a few clicks away in the Trust Center is a feature that is simultaneously one of the most protective and one of the most frustrating in the Microsoft 365 ecosystem: File Block Settings .
In modern Microsoft 365 Apps (Semi-Annual Enterprise Channel), that override is often removed. If you block a file type, it is blocked . The only way to open it is for an admin to change the Trust Center policy or temporarily move the file to a whitelisted location (which is not a real fix). The Migration Strategy: How to Phase Out Legacy Formats If you want to finally kill .doc in your organization, do not flip the "Hard Block" switch tomorrow. That is a riot waiting to happen. Use a 3-phase strategy:
When Microsoft introduced the Open XML formats ( .docx , .xlsx , .pptx ) in 2007, they fixed structural security, but billions of legacy files remained in the wild.
For legacy formats you must support (e.g., .xls files from a legacy ERP system), set the behavior to Protected View , not Hard Block . For truly dangerous formats ( .xla macro sheets, .wbk Word backup files), set the behavior to Hard Block . The "Save" Block: A Compliance Nightmare Most admins focus on "Open" blocks. The real policy drama comes from "Save" blocks.
"Blocking save prevents users from creating dangerous files." Reality: It prevents them from creating legacy files. They can still create a dangerous .docm (macro-enabled document) unless you block that separately in Macro Settings. Final Verdict: Should You Tweak These Settings? For the home user: Leave them at their default (Microsoft's out-of-box settings). The defaults block only the truly ancient and dangerous formats (Excel 4.0, Word 2.0, etc.). Do not unblock them unless you absolutely trust the source.
You must customize these settings. The default settings are too permissive for regulated industries (Finance, Healthcare, Legal) and too restrictive for engineering firms that rely on legacy CAD-to-Excel exports.
¿Quieres que te contemos un secreto? 🤫 Suscríbete a nuestra newsletter y recibe las últimas novedades y promociones especiales. ¡Únete a nuestra comunidad de lectores y lectoras!
Responsable del tratamiento: Serlogal 2.0 S.L.; Contacto: protecciondatos@serlogal.com
Destinatarios: No se prevén cesiones de datos a empresas ajenas a nuestro grupo.
Derechos: Acceso, Rectificación, Limitación, Oposición y Portabilidad.
Se puede consultar la información detallada en nuestra PolÃtica de Privacidad....
