We talked last week about the problems of holding onto old documents. Microsoft just made the problem even more complicated.

In the Service Pack 3 (SP3) update for Office 2003, Microsoft is blocking a number of older file formats so they can no longer be opened by MS products like Word, Excel or Powerpoint. Microsoft is walking away from it’s commitment to backwards-compatibility because many of the older file formats had weaknesses that could be exploited by hackers to insert viruses and other malicious code into your computer. By disabling the older formats, Microsoft reduces the vulnerability of the Office applications to some of those kinds of attacks.

The problem is that if you are keeping old files in their native format as part of your records retention plan, you may no longer be able to open them. (Worse, if you get sued and have to turn over those documents, the courts don’t care about format compatibilities. You still have the document – it’s your responsibility to make sure that they can be opened and evaluated.)

Microsoft has two workarounds for this problem – neither very good.

The first involves modifying your registry settings so your computer can still open the older formats. That is a high-risk action and I do not recommend it. Not only does it defeat the security advantage of the change, any mistake when editing the registry settings can corrupt your entire computer. Even Microsoft warns against it saying “Serious problems might occur if you modify the registry incorrectly.” and “Modify the registry at your own risk.”

The second is to convert all your historical documents to the newer format. Microsoft has some automated tools to help but the conversion process is much more labor-intensive and error-prone than I think Microsoft wants to admit. I would seriously question the business case for converting any but your most critical of official records.

There is a third option which I consider far better. Take this opportunity to check those old documents against your retention policy and clean out the ones that you should have gotten rid of long ago. For the few that you must retain, make sure that you are keeping your business records in a stable format. Don’t save files in their native MS Word document format – convert them to pdf or even tiff. Those formats are simpler and have far fewer holes that a hacker could exploit. They’re also designed to remain readable across many generations of software.

Call your IT team for instructions on how to convert an old file to an updated format.

Bill Wilson at IIABA’s Virtual University published the tip above in his newsletter and received the following question.
What are the file extensions that Microsoft has abandoned? I think it would be very helpful to know as we would then be able to do searches for those file types stored on our system. Thank you.

As Bill pointed out to the caller, the file extensions alone will not tell you which file formats have been disabled since Microsoft continues to use the same file extensions for the newer versions of it’s software. (A Word document carries the .doc extension whether it’s Word 1.2, Word 2003 or any version in between.) Microsoft has a little bit more information about the changes here but no new answers.

You can read another article about the problem at wired.com.
Thanks to Bill for finding those extra links.

Leave a Reply