Source: BleepingComputer
Author: Sergiu Gatlan
URL: https://www.bleepingcomputer.com/news/security/microsoft-outlook-to-block-more-risky-attachments-used-in-attacks/
ONE SENTENCE SUMMARY: Microsoft will block .library-ms and .search-ms attachments in Outlook starting July 2025 to counter phishing and malware threats.
MAIN POINTS:
- Microsoft expands Outlook’s blocked attachment list to include .library-ms and .search-ms files.
- The update applies to Outlook Web and the new Outlook for Windows starting July 2025.
- Attackers previously exploited .library-ms files in phishing campaigns targeting governments and companies.
- .search-ms protocol handler was exploited since June 2022 for phishing and malware delivery.
- Most organizations will not be affected due to rarity of these file types’ usage.
- Organizations relying on these file types must manually adjust allowed file type settings.
- Microsoft provides documentation to help Exchange Server administrators manage attachment security.
- Blocking these files is part of Microsoft’s larger strategy to eliminate exploited features.
- Microsoft previously disabled Office VBA macros, XLM macros, XLL add-ins, and ActiveX controls.
- VBScript support will also be discontinued by Microsoft starting April 2025.
TAKEAWAYS:
- Outlook security updates proactively block file types historically exploited by attackers.
- Organizations should review attachment policies to ensure operational continuity.
- Microsoft continues to remove legacy features to reduce security risks.
- Administrators can manually configure allowed file types to accommodate business requirements.
- Regularly reviewing Microsoft’s security documentation can help organizations stay informed and prepared.