Microsoft has, in the past, restricted certain files from being sent via Outlook for security concerns. There are specific file types that people don’t usually send over email, but scammers do in order to infect victims. As such, Microsoft has stood by the idea that blocking these file types is worth the hassle, as it negatively affects a small group of people but positively affects everyone else.
Recently, Microsoft added another 38 file extensions to the list. This means if you attempt to send emails with these files attached, Microsoft will block the attempt. As such, it’s a good idea to wise up on these formats, as it may affect your workflow.
What Was Blocked?
As per the announcement announcing this change, Microsoft has listed the exact file extensions that are now blocked. These include:
- Files related to the Python scripting language (“.py,” “.pyc,” “.pyo,” “.pyw,” “.pyz,” and “.pyzw”)
- Files related to the PowerShell scripting language (“.ps1,” “.ps1xml,” “.ps2,” “.ps2xml,” “.psc1,” “.psc2,” “.psd1,” “.psdm1,” “.cdxml,” and “.pssc”)
- Java Files (“.jar” and “.jnlp”)
- Digital Certificate Files (“.cer,” “.crt,” “.der”)
- Windows ClickOnce Files (“.appref-ms”)
- Microsoft Data Access Components (“.udl”)
- Windows Sandbox files (“.wsb”)
- Files used by “various applications” as stated by Microsoft (“.appcontent-ms,” “.settingcontent-ms,” “.cnt,” “.hpj,” “.website,” “.webpnp,” “.mcf,” “.printerexport,” “.pl,” “.theme,” “.vbp,” “.xbap,” “.xll,” “.xnk,” “.msu,” “.diagcab,” and “.grp”)
As you can tell, these are files that are rarely sent around unless it’s among work colleagues or specialists in a particular field. Someone who doesn’t use Python, PowerShell, or Java may never receive a legitimate email with one attached, and even those who do have other ways of sending scripts than over email.
Of course, these file types are additions to an already-existing list, so there are more files you need to be careful with. To see the whole list, be sure to read Microsoft’s page on all of their blocked file types.
How to Get Around the Block
Fortunately, while Microsoft has brought down the hammer on these file types, they’re also quick to list how to email these files to other people.
Use Cloud Storage
For one, you can upload the file to a cloud-based service and send a link to your contact. Microsoft suggests using their service called OneDrive, but there should be nothing stopping you from using another service like Google Drive or Dropbox.
Zip it up
You can also bundle the file into a zipped folder and send it to your contact that way. Because the filetype will be named according to the compression tool you used (such as “.zip”), it will get under Outlook’s radar.
Finally, Microsoft suggests you rename the file extension to something different, then tell the contact to convert it back. For example, if you want to send a .jar file, you can delete the file type, replace it with “.txt” and send it. Your contact can then rename it back to .jar on their end.
Fiddling with Files
Microsoft has made the move to ban files used to spread malware, which hopefully doesn’t impact the public’s use of Outlook. However, if you are affected, there are ways around the block.
Do you think this file block is necessary to protect people, given how easy it is to evade it? Let us know below.