Trust logic for file attachments

This policy setting allows you to configure the logic that Windows uses to determine the risk for file attachments.

Preferring the file handler instructs Windows to use the file handler data over the file type data. For example, trust notepad.exe, but don't trust .txt files.

Preferring the file type instructs Windows to use the file type data over the file handler data. For example, trust .txt files, regardless of the file handler.

Using both the file handler and type data is the most restrictive option. Windows chooses the more restrictive recommendation which will cause users to see more trust prompts than choosing the other options.

If you enable this policy setting, you can choose the order in which Windows processes risk assessment data.

If you disable this policy setting, Windows uses its default trust logic, which prefers the file handler over the file type.

If you do not configure this policy setting, Windows uses its default trust logic, which prefers the file handler over the file type.

Supported on: At least Windows XP Professional with SP2
Determine risk by


  1. Preferring the file handler
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Microsoft\Windows\CurrentVersion\Policies\Attachments
    Value NameUseTrustedHandlers
    Value TypeREG_DWORD
    Value2
  2. Looking at the file handler and type
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Microsoft\Windows\CurrentVersion\Policies\Attachments
    Value NameUseTrustedHandlers
    Value TypeREG_DWORD
    Value3
  3. Preferring the file type
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Microsoft\Windows\CurrentVersion\Policies\Attachments
    Value NameUseTrustedHandlers
    Value TypeREG_DWORD
    Value1


attachmentmanager.admx

Administrative Templates (Computers)

Administrative Templates (Users)