Policy
Default risk level for file attachments
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista, WindowsXP
This policy setting allows you to manage the default risk level for file types. To fully customize the risk level for file attachments, you may also need to configure the trust logic for file attachments. High Risk: If the attachment is in the list of high-risk file types and is from the restricted zone, Windows blocks the user from accessing the file. If the file is from the Internet zone, Windows prompts the user before accessing the file. Moderate Risk: If the attachment is in the list of moderate-risk file types and is from the restricted or Internet zone, Windows prompts the user before accessing the file. Low Risk: If the attachment is in the list of low-risk file types, Windows will not prompt the user before accessing the file, regardless of the file's zone information. If you enable this policy setting, you can specify the default risk level for file types. If you disable this policy setting, Windows sets the default risk level to moderate. If you do not configure this policy setting, Windows sets the default risk level to moderate.
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
Set the default risk level ID AM_RiskLevel | enum | HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations\DefaultFileTypeRisk Type REG_DWORD | Options: High Risk (6150), Moderate Risk (6151), Low Risk (6152) |
Other policies in this category
Explore related policies at the same level.
- UserDo not preserve zone information in file attachmentsAt least Windows XP Professional with SP2
- UserHide mechanisms to remove zone informationAt least Windows XP Professional with SP2
- UserInclusion list for high risk file typesAt least Windows XP Professional with SP2
- UserInclusion list for low file typesAt least Windows XP Professional with SP2
- UserInclusion list for moderate risk file typesAt least Windows XP Professional with SP2
- UserNotify antivirus programs when opening attachmentsAt least Windows XP Professional with SP2
- UserTrust logic for file attachmentsAt least Windows XP Professional with SP2