Upgrades to Data Loss Prevention 15.5 incorrectly replace .doc, .xls, and .ppt MIME types with Open XML MIME types


Article ID: 185110


Updated On:


Data Loss Prevention Endpoint Prevent


This technote replaces a previous alert (ALERT2690) for DLP.


The upgrade process to Data Loss Prevention 15.5 incorrectly applies a wild card replacement of .doc, .xls, and .ppt MIME types to Open XML MIME types.

This wild card replacement results in the following changes:

  • docuworks MIME type is changed to docxuworks (this results in a red error banner when editing some policies)
  • encrypted_doc MIME type is changed to encrypted_doc, docx (an additional MIME type)
  • encrypted_xls is changed to encrypted_xls, xlsx (an additional MIME type)
  • encrypted _ppt is changed to encyrpted_ppt, pptx (an additional MIME type)

The additional MIME types for policy conditions can cause false negatives. They can also cause data loss for policy exceptions.


DLP systems upgraded to 15.5


To address this issue, see the Knowledgebase article, "Red banner when editing some policies after upgrading to 15.5," and follow the workaround provided in the article.

The issue is fixed in 15.5 MP1.