This issue is now resolved.
When using Outlook Web Access to view mail stored in a mailbox on Microsoft Office 365, and attempting to preview a Portable Document Format (PDF) attachment, the user will [currently] receive the following message:
“The WebReady Document Viewing service has been disabled by the administrator for your organization. For more information, contact your helpdesk.”
Currently, the “WebReady Document Viewing” feature is disabled within Microsoft Office 365, as there was a security vulnerability discovered in a component (provided by a 3rd party) licensed to Microsoft.
Users are still be able to view PDF attachments by first downloading the attachments, then opening the file(s) locally on their computer. Users may also use the Outlook client to preview the PDF attachment from within the message itself.
“Vulnerability Note VU#118913: Oracle Outside In contains multiple exploitable vulnerabilities”
“Oracle Critical Patch Update Advisory - July 2012”
“Microsoft Security Advisory 2737111 and Microsoft Exchange”
“Microsoft Security Advisory (2737111): Vulnerabilities in Microsoft Exchange and FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution”
“More information on Security Advisory 2737111”
“Microsoft Security Bulletin MS12-058 – Critical: Vulnerabilities in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358)”
"The WebReady Document Viewing service has been disabled?"
Isn't the service disabled as a whole and not just for PDF documents?
Okay, perhaps not. :)
Any idea why I'm experiencing the same thing with RTF documents even though this extension is in the allowed list.
Good catch on your part, and my apologies for not calling this out initially.
When using the Get-OwaMailboxPolicy cmdlet (via the Microsoft Online Services Module for Windows PowerShell), you'll see it displays both the WebReadyFileTypes and WebReadyMimeTypes as being enabled for rendering PDF and RTF documents. However, both RTF and PDF are currently disabled within Office 365 (as you observed). Thanks for the feedback!
I'm still getting this problem. When can we expect a fix?
Has the issue been resolved? All of my Office365 customers are still complaining; however, this bulletin seems to suggest its been resolved: