Skip to Content

MC379408: Exchange Online-Updates to the file type list in the common attachment filter

In anti-malware policies, you can select specific file types to identify as malware using the common attachment filter. Any email message with attachments of these specific file types will be handled per the policy settings. You can configure this specific list of file types by selecting them from the pre-defined list in the policy properties in the Microsoft 365 Defender portal or by manually adding your own (custom) file types using the power shell Set-MalwareFilterPolicy cmdlet in Exchange Online PowerShell.

We are enhancing the common attachments filter (Anti-malware policy) to expand list of available file types and also manage custom file types in the portal.

MC379408: Exchange Online-Updates to the file type list in the common attachment filter

Based on internal research and best practices guidelines from industry and other organizations, we are updating the list of file types that are available for selection. Currently, there are 95+ file types in the list, of which 13 are pre-selected by default in the common attachment filter settings. We are expanding this list to cover over 200 file types, of which over 50 are selected by default.

After rollout, this new expanded list along with the default selection will automatically apply to:

  1. Any new anti-malware policies that you create
  2. The default anti-malware policy

The file selections in your existing anti-malware policies (enabled or not) will be retained and will not be updated automatically. You will need to manually update your existing policies with the recommended list of default file types (see below).

This message is associated with Microsoft 365 Roadmap ID 85611.

When this will happen

Starting mid-June and completion of deployment by late July

How this will affect your organization

Once these changes are rolled out, the list of default file type selections to the newly created policies and the default policy will differ from your existing policies. You will need to review the existing policies and update the list with recommended file types (see below).

What you need to do to prepare

Review existing anti-malware policies and add the recommended file types to the block list. Since the default policy will now cover more file types, it’s likely that the expanded list of files in the default policy will block messages. If you do not want the new list of file types to be active, create a custom anti-malware policy (soon, before this feature deployment) with the file types that meet your needs.

Learn more

Review the following resources below to learn more:

The list of file types:

7z, 7zip,

a, accdb, accde,ace, action, ade, adp, apk, app, appx, appxbundle, arj, asf, asp, aspx, ani, avi,

bat, bin, bundle, bz, bz2, bzip2,

cab, caction, cer, chm, cmd, com, command, cpl, crt, csh, css,

deb, der, dex, dgz, dll, dmg, doc, docm, docx, dot, dotm, dtox, dylib,

elf, exe,

font,

gz, gzip,

hlp, hta, htm, html,

img, imp, inf, ins, ipa, iso, isp, its,

jar, jnlp, js, jse,

kext, ksh,

lha, lib, library, lnk, lqy, lzh,

macho, mad, maf, mag, mam, maq, mar, mas, mat, mav, maw, mda, mdb, mde, mdt, mdw, mdz, mht,

mhtml, msc, mscompress, msh, msh1, msh1xml, msh2, msh2xml, mshxml, msi, msix, msixbundle, msp, mst,

o, obj, odp, ods, odt, one, onenote, ops,

package, pages, pbix, pdb, pdf, php, pif, pkg, plugin, ppa, ppam, pps, ppsm, ppsx, ppt, pptm, pptx, prf,

prg, ps1, ps1xml, ps2, ps2xml, psc1, psc2, pst, pub, py,

rar, reg, rev, rpm, rtf,

scf, scpt, scr, sct, service, sh, shx, shb, shtm, so, sys,

tar, tarz, terminal, tgz, tool,

uif, url,

vb, vbe, vbs, vhd, vsd, vsdm, vsdx, vsmacros, vss, vssx, vst, vstm, vstx, vsw, vxd,

workflow, ws, wsc, wsf, wsh,

xhtml, xla, xlam, xll, xls, xlsb, xlsm, xlsx, xlt, xltm, xltx, xz,

z, zi, zip, zipx,

The default selection from the above file type list is:

ace, apk, app, appx, ani, arj,

bat,

cab, cmd,com,

deb, dex, dll, docm,

elf, exe,

hta,

img, iso,

jar, jnlp,

kext,

lha, lib, library, lnk, lzh

macho, msc, msi, msix, msp, mst

pif, ppa, ppam,

reg, rev,

scf, scr, sct, sys,

uif,

vb, vbe, vbs, vxd

wsc, wsf, wsh

xll, xz

z

Message ID: MC379408
Published: 13 May 2022
Updated: 13 May 2022

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker