Thread:Project:Support desk/Word files not uploaded/reply

it seems application/msword is blacklisted in $wgMimeTypeBlacklist in DefaultSettings.php

the provided comment reads: # MS Office OpenXML and other Open Package Conventions files are zip files # and thus blacklisted just as other zip files. If you remove these entries # from the blacklist in your local configuration, a malicious file upload # will be able to compromise the wiki's user accounts, and the user # accounts of any other website in the same cookie domain.

adding something to Localsettings like $wgMimeTypeBlacklist = array_diff($wgMimeTypeBlacklist, array('application/msword')); will allow application/msword files to be uploaded. But malicious files can also be uploaded.