That’s the exact reason why email providers tend to be incredibly selective about what kinds of attachments their services allow.
Microsoft recently announced that they’re further restricting their number of allowable extension types, placing a total of 36 additional file extensions. That’s thirty-eight new file types you won’t be able to download via Outlook Web, and it brings the total number of blocked file types up to 140.
The company had this to say about the matter:
“We’re always evaluating ways to improve security for our customers and so we took the time to audit the existing blocked file list and update it to better reflect the file types we see as risks today.”
The good news is that you’re unlikely to notice the impact of the new additions, even though it sounds like a big increase. That’s because most of the extensions the company plans to adopt are fairly exotic and seldom used. When they are used, at least a significant percentage of the time, they’re used by hackers for nefarious purposes.
Here’s a list of the extensions Microsoft plans to add to the list:
- .py
- .pyc
- .pyo
- .pyw
- .pyz
- .pyzw
- .ps1
- .ps1xml
- .ps2
- .ps2xml
- .psc1
- .psc2
- .psd1
- .psdm1
- .cer
- .crt
- .der
- .jar
- .jnlp
- .appcontent-ms
- .settingcontent-ms
- .cnt
- .hpj
- .website
- .webpnp
- .mcf
- .printerexport
- .pl
- .theme
- .vbp
- .xbap
- .xll
- .xnk
- .msc
- .diagcab
- .grp
Again, most people have probably never even heard of, and don’t use these extensions anyway, so it shouldn’t have a huge or visible impact, but be aware that the change is coming.