Article ID: 938815
Article Last Modified on 9/18/2007
APPLIES TO
- Microsoft Office 2003 Service Pack 3, when used with:
- Microsoft Office Excel 2003
- Microsoft Office Word 2003
- Microsoft Office Web Components
- Microsoft Office Access 2003
Important This article contains information about how to modify the registry. Make sure that you back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows registry
INTRODUCTION
This article introduces a new feature in Microsoft Office 2003 Service Pack 3 (SP3). This feature lets administrators and users set registry keys in order to enable or to disable the instantiation point of a specific COM category in an Office 2003 SP3 program. For example, you can use this feature in Microsoft Office Word, Microsoft Office Web Components, or Microsoft Office Excel.
Note This feature exists only in Office 2003 SP3.
MORE INFORMATION
Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
Enable or disable the new feature
By default, this new feature is disabled in Office 2003 SP3. To enable this feature, the following registry key can be set in the domain policy:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Common\Security Value
Value Name ComCatCheck
Value Type REG_DWORD
Default Value None
If this key is not set, users can set the following equivalent key for Office 2003:
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Common\Security
Value Name ComCatCheck
Value Type REG_DWORD
Default Value 0
Note The default value of 0 means that the feature is disabled. The default value of 1 means that the feature is enabled.
Four categories are currently defined. For each category in Office 2003, there is a core domain policy category key as follows:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Excel\Security\COM Categories\CATID_ExcelCreateRTD
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Access\Security\COM Categories\CATID_OWCSafeProviders
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Word\Security\COM Categories\CATID_WordCreateLink
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Word\Security\COM Categories\CATID_WordCreateOCX
If these keys are not set, users can set the following equivalent keys for Office 2003:
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\COM Categories\CATID_ExcelCreateRTD
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Access\Security\COM Categories\CATID_OWCSafeProviders
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\COM Categories\CATID_WordCreateLink
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\COM Categories\CATID_WordCreateOCX
The respective category IDs for these four categories are defined in the following table.
| Category Name | Category ID | Description |
| CATID_ExcelCreateRTD | {8F3844F5-0AF6-45C6-99C9-04BF54F620DA} | This category governs Excel RTD usage. |
| CATID_OWCSafeProviders | {A67A20DD-16B0-4831-9A66-045408E51786} | This category governs OWC Data Source Provider usage. |
| CATID_WordCreateLink | {CCA2DB40-1B36-4A75-9876-154F1312F3E0} | This category governs Word OLE Link insertion. |
| CATID_WordCreateOCX | {81535360-42BB-4EF8-BB89-F0EECE074556} | This category governs Word OCX insertion. |
CheckType registry entry and CheckCatID registry entry
You can set the following registry entries in each category key.
CheckType
The CheckType registry entry can be set to determine whether to use the Allow list or to use the Deny list.
Value Name CheckType
Value Type REG_DWORD
Default Value 0
A value of 0 means that the deny list will be used. A value of 1 means that the Allow list will be used.
Note If you set the value of the CheckType registry entry to 1 for a category and if you do not specify an Allow list, all controls in that category will be disabled. If you set the value of the CheckType registry entry to 0 for a category and if you do not specify a deny list, all controls in that category will be enabled. These guidelines are true unless the CheckCatID registry entry is set and is not present.
CheckCatID
The CheckCatID registry entry can be set to determine whether the category of the COM component must be checked.
Value Name CheckCatID
Value Type REG_DWORD
Default Value 0
A value of 0 ignores the COM Category of the component. A value of 1 allows for COM components only in the specified category.
Allow lists and Deny lists
Allow lists
The Allow lists for four categories reside in the following locations:
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\COM Categories\CATID_ExcelCreateRTD\Allow
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Access\Security\COM Categories\CATID_OWCSafeProviders\Allow
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\COM Categories\CATID_WordCreateLink\Allow
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\COM Categories\CATID_WordCreateOCX\Allow
Deny lists
The Deny lists for four categories reside in the following locations:
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\COM Categories\CATID_ExcelCreateRTD\Deny
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Access\Security\COM Categories\CATID_OWCSafeProviders\Deny
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\COM Categories\CATID_WordCreateLink\Deny
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\COM Categories\CATID_WordCreateOCX\Deny
You can add a class identifier (CLSID) to the Allow list or to the Deny list. For example, to add CLSID {8BD21D40-EC42-11CE-9E0D-00AA006002F3} to the CATID_ExcelCreateRTD Allow list, you can create the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\COM Categories\CATID_ExcelCreateRTD\Allow\{8BD21D40-EC42-11CE-9E0D-00AA006002F3}
You can add a CLSID to a specific category. For example, to add CLSID {8BD21D40-EC42-11CE-9E0D-00AA006002F3} to the CATID_ExcelCreateRTD category, you can create the following registry key:
HKEY_CLASSES_ROOT\CLSID\{8BD21D40-EC42-11CE-9E0D-00AA006002F3}\Implemented Categories\{8F3844F5-0AF6-45C6-99C9-04BF54F620DA}
Note The respective category ID for the CATID_ExcelCreateRTD category is {8F3844F5-0AF6-45C6-99C9-04BF54F620DA}.
For more information about implemented categories, visit the following Microsoft Web sites:
When you add a CLSID to a specific category for 32-bit applications on a 64-bit platform, you can use the following registry key:
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CLSID}\Implemented Categories\{CategoryID}
For more information about how to use the Group Policy snap-in to specify policy settings for groups of users and for groups of computers, visit the following Microsoft Web site:
Keywords: kbhowto kbinfo kbexpertiseinter KB938815
