M365 Changelog: Anti-malware policy : Common attachment filter : Additional file types block by default

MC285906 – The ‘Common attachment filter’ option in the ‘Anti-malware’ policy helps the Administrator configure the file types (based on file extension) which need to be blocked in the emails. This block action is applied anytime the file type of any attachment in the email matches this configurated file type list.

The current pre-configured list has 96 file types. Of these 96 file types, 10 files types are selected by default in the block list. When a new policy is created, these 10 file types are selected, to be blocked, by default. Administrator can make changes to this selection by selecting more file types or making changes to existing file types. If the Administrator chooses to extend this behavior to more file types, then this is possible using PowerShell option.

As part of this enhancement to the feature, Microsoft is adding three additional file types to the default selection list. The newly added file types are ‘.iso’, ‘.cab’ and ‘.jnlp’.

Key points

Microsoft 365 Roadmap ID 85611

Timing: Microsoft expects this feature to begin rolling out in early October and expect the rollout to be completed by late October.

Roll-out: tenant level

Action: Review and assess.

How this will affect your organization:

Once these enhancements are rolled out, any email received by / sent from the users of your organization will be quarantined if any of the attached files matches with the newly added three file types.

What you need to do to prepare:

If your organization would like to have the emails with these file types blocked, then there is no action. However, if your organization needs require that these files be allowed, then the Administrator needs to edit the Anti-Malware policies and de-select these newly added file types.