Policy

Inclusion list for moderate risk file types

Windows 11 25H2

Back to categoryOpen picker

Policy overview

Key metadata and intent for this policy.

ClassUser
CategoryWindows Components > Attachment Manager
Supported onAt least Windows XP Professional with SP2

Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista, WindowsXP

This policy setting allows you to configure the list of moderate-risk file types. If the attachment is in the list of moderate-risk file types and is from the restricted or Internet zone, Windows prompts the user before accessing the file. This inclusion list overrides the list of potentially high-risk file types built into Windows and it takes precedence over the low-risk inclusion list but has a lower precedence than the high-risk inclusion list (where an extension is listed in more than one inclusion list). If you enable this policy setting, you can specify file types which pose a moderate risk. If you disable this policy setting, Windows uses its default trust logic. If you do not configure this policy setting, Windows uses its default trust logic.

Internal name
AM_SetModRiskInclusion
Policy ID
d98af4f28010
Elements
1

Registry values

How enabled and disabled states update the registry.

No explicit registry values are set for enabled or disabled states.

Policy elements

Inputs and configuration options exposed by this policy.

ElementTypeRegistry mappingConstraints & behavior
Specify moderate risk extensions (include a leading period, e.g. .doc;.pdf;).
ID AM_InstructModRiskInclusionList
text
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations\ModRiskFileTypes
Type REG_SZ
None

Other policies in this category

Explore related policies at the same level.