Clicky

Microsoft Technical Bulletins

The latest updates for all the Microsoft Products you use every day.

Written by Richard Quatier

My goal is to help your business by integrating processes that automate mundane tasks and simplify complex ones without breaking budgets.

July 27, 2022

Blog Home

(Updated) Exchange Online-Updates to the file type list in the common attachment filter

Exchange Online, Microsoft 365 Suite, Microsoft 365 Experts

From Microsoft Corporation
Technical Bulletin MC379408 · Published May 13, 2022 · Last updated Jul 5, 2022

Message Summary

Updated July 05, 2022: We have updated the rollout timeline below and provided additional details. Thank you for your patience.

In anti-malware policies, you can select specific file types to identify as malware using the common attachment filter. Any email message with attachments of these specific file types will be handled per the policy settings. You can configure this specific list of file types by selecting them from the pre-defined list in the policy properties in the Microsoft 365 Defender portal or by manually adding your own (custom) file types using the power shell Set-MalwareFilterPolicy cmdlet in Exchange Online PowerShell.

Based on internal research and best practices guidelines from industry and other organizations, we are updating the list of file types that are available for selection. Currently, there are 95+ file types in the list, of which 13 are pre-selected by default in the common attachment filter settings. We are expanding this list to cover over 200 file types, of which over 50 are selected by default.

After rollout, this new expanded list along with the default selection will automatically apply to:

  1. Any new anti-malware policies that you create
  2. The default anti-malware policy: The current list of the selection will be retained and appended with the new file types being added as part of default selection. As a result, the list of file selections in the default policy will be expanded while retaining all of the existing selection. There will be no changes to any of the other settings (like zap, admin notification configuration etc). The only change which will happen to the default policy is the expansion of the selection.

The file selections in your existing anti-malware policies (enabled or not) will be retained and will not be updated automatically. You will need to manually update your existing policies with the recommended list of default file types (see below). 

This message is associated with Microsoft 365 Roadmap ID 85611

When this will happen:

Starting mid-July (previously early July) and completion of deployment by mid-August (previously late July)

How this will affect your organization:

Once these changes are rolled out, the list of default file type selections to the newly created policies and the default policy will differ from your existing policies. As the selection in the default policy will be expanded, there could be some messages which could be quarantined due to new file type addition. You will need to review the existing policies and update the list with recommended file types (see below).

What you need to do to prepare:

Review existing anti-malware policies and add the recommended file types to the block list. Since the default policy will now cover more file types, it’s likely that the expanded list of files in the default policy will block messages. If you do not want the new list of file types to be active, create a custom anti-malware policy (soon, before this feature deployment) with the file types that meet your needs. Review the following resources below to learn more:

The list of file types:

7z, 7zip,

 a, accdb, accde,ace, action, ade, adp, apk, app, appx, appxbundle, arj, asf, asp, aspx, ani, avi,

 bat, bin, bundle, bz, bz2, bzip2,

 cab, caction, cer, chm, cmd, com, command, cpl, crt, csh, css,

 deb, der, dex, dgz, dll, dmg, doc, docm, docx, dot, dotm, dtox, dylib,

 elf, exe,

 font,

 gz, gzip,

 hlp, hta, htm, html,

 img, imp, inf, ins, ipa, iso, isp, its,

 jar, jnlp, js, jse,

 kext, ksh,

 lha, lib, library, lnk, lqy, lzh,

 macho, mad, maf, mag, mam, maq, mar, mas, mat, mav, maw, mda, mdb, mde, mdt, mdw, mdz, mht,

 mhtml, msc, mscompress, msh, msh1, msh1xml, msh2, msh2xml, mshxml, msi, msix, msixbundle, msp, mst,

 o, obj, odp, ods, odt, one, onenote, ops,

 package, pages, pbix, pdb, pdf, php, pif, pkg, plugin, ppa, ppam, pps, ppsm, ppsx, ppt, pptm, pptx, prf,

 prg, ps1, ps1xml, ps2, ps2xml, psc1, psc2, pst, pub, py,

 rar, reg, rev, rpm, rtf,

 scf, scpt, scr, sct, service, sh, shx, shb, shtm, so, sys,

 tar, tarz, terminal, tgz, tool,

 uif, url,

 vb, vbe, vbs, vhd, vsd, vsdm, vsdx, vsmacros, vss, vssx, vst, vstm, vstx, vsw, vxd,

 workflow, ws, wsc, wsf, wsh,

 xhtml, xla, xlam, xll, xls, xlsb, xlsm, xlsx, xlt, xltm, xltx, xz,

 z, zi, zip, zipx,

The default selection from the above file type list is:

ace, apk, app, appx, ani, arj,

bat,

cab, cmd,com,

deb, dex, dll, docm,

elf, exe,

hta,

img, iso,

jar, jnlp,

kext,

lha, lib, library, lnk, lzh

macho, msc, msi, msix, msp, mst

pif, ppa, ppam,

reg, rev,

scf, scr, sct, sys,

uif,

vb, vbe, vbs, vxd

wsc, wsf, wsh

xll, xz

z

TECHNICAL BULLETIN END

QuixTec provides this and other technical bulletins unaltered from Microsoft. As an authorized Microsoft Partner, we ensure that all our solutions we deliver to you include the latest Microsoft updates.

ABOUT US: QuixTec, LLC is a U.S. certified Veteran Owned, modern DevOps organization with experience in a plethora of IT Software Languages.  As a Microsoft Partner, we specialize in Discounted Microsoft Software Licensing, Microsoft SharePoint, Microsoft365 and HTML5 technologies for small to enterprise-sized organizations. Our dedication to IT excellence is evidenced through our PECB ISO Certification training center. The only PECB ISO authorized center in Washington State. QuixTec, implements and provides training for upcoming open-source digital marketing services that are taking the industry by storm. This solution, used by over 100,000 businesses, provides enterprise level marketing capabilities at startup rates. The founder, Richard, has 30 years of experience working with several notable companies that include World Vision, Expedia, Microsoft, Levi Strauss, NASA, Boeing Aerospace, Los Alamos National Laboratory, and the U.S. Air Force, to name a few.  QuixTec is in the Seattle area. Phone today for a free consultation and project estimate.

(425) 367-9025

LEARN MORE

SharePoint Development ServicesSharePoint DevelopmentCustom Software DevelopmentMicrosoft 365 ExpertsMicrosoft 365IT Staffing ServicesIT StaffingWordPress Development ServicesForm Email ValidationMicrosoft LicensingMautic Open Source MarketingBest IT Staffing AgenciesIT Staffing Company

You May Also Like…

(Updated) Suspicious Connector Activity Alert

(Updated) Suspicious Connector Activity Alert

Exchange Online, Microsoft 365 Experts From Microsoft CorporationTechnical Bulletin: MC365410 · Published Apr 29, 2022 · Last updated Jul 7, 2022 Message Summary Updated July 7, 2022: We have updated the rollout timeline below. Thank you...

Basic Authentication – All Protocols

Basic Authentication – All Protocols

Exchange Online, SharePoint Development Services From Microsoft CorporationTechnical Bulletin: MC397868 · Published Jul 6, 2022 Message Summary We're making some changes to improve the security of your tenant. We announced in 2019 we...