Tuesday, October 8, 2024
HomeComputer SecurityMicrosoft Blocked 38 File Types in Outlook to Prevent User's From Downloading...

Microsoft Blocked 38 File Types in Outlook to Prevent User’s From Downloading Malware

Published on

Microsoft blocked 38 file extensions in Outlook web to prevent user’s from downloading attachments with those files extensions.

Outlook contains built-in spam mail filter which prevents the junk mail getting into the inbox. Now Microsoft added 38 file extensions to BlockedFileTypes property of existing OwaMailboxPolicy objects.

Previously outlook blocked 104 file types, now Microsoft expanded it by adding additional 38 File types to enhance the security.

- Advertisement - EHA

If these file types are added to outlook blocked extensions, then users are blocked from downloading the attachments with those file types.

Microsoft said that the “newly blocked file types are rarely used, so most organizations will not be affected by the change. However, if your users are sending and receiving affected attachments, they will report that they are no longer able to download them.”

Securing your email address is vital, in the digital world, the email address related to all activities that you do online.

Blocked Extensions – Outlook Web

Following are the new extension types blocked

Python Extensions : ".py", ".pyc", ".pyo", ".pyw", ".pyz", ".pyzw"
Powershell Extensions : ".ps1", ".ps1xml", ".ps2", ".ps2xml", ".psc1", ".psc2", ".psd1", ".psdm1", ".psd1", ".psdm1"
Digital Certificate Extension : ".cer", ".crt", ".der"
Java based Extensions : ".jar", ".jnlp"
Other Extensions : ".appcontent-ms", ".settingcontent-ms", ".cnt", ".hpj", ".website", ".webpnp", ".mcf", ".printerexport", ".pl", ".theme", ".vbp", ".xbap", ".xll", ".xnk", ".msu", ".diagcab", ".grp"

If you are using Microsoft Exchange Server account and if you want to Whitelist any blocked attachments, this can be done by contacting the administrator to make the changes in security.

If you are not using Exchange Server account, then it can be unlocked by editing windows registries.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Badge and CyberArk Announce Partnership to Redefine Privacy in PAM and Secrets Management

Partnership aims to help businesses eliminate vulnerable attack surfaces and provide a more streamlined...

LemonDuck Malware Exploiting SMB Vulnerabilities To Attack Windwos Servers

The attackers exploited the EternalBlue vulnerability to gain initial access to the observatory farm,...

Critical Automative 0-Day Flaws Let Attackers Gain Full Control Over Cars

Recent discoveries in the automotive cybersecurity landscape have unveiled a series of critical zero-day...

Likho Hackers Using MeshCentral For Remotely Managing Victim Systems

The Awaken Likho APT group launched a new campaign in June of 2024 with...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

LemonDuck Malware Exploiting SMB Vulnerabilities To Attack Windwos Servers

The attackers exploited the EternalBlue vulnerability to gain initial access to the observatory farm,...

Likho Hackers Using MeshCentral For Remotely Managing Victim Systems

The Awaken Likho APT group launched a new campaign in June of 2024 with...

Hackers Gained Unauthorized Network Access to Casio Networks

Casio Computer Co., Ltd. has confirmed that a third party illegally accessed its network...