CyberNews Briefs

Outlook on the Web to Block File Extensions for PowerShell, Python, and More

In order to help protect Outlook users against malicious email attachments, Microsoft is adding another 38 file extensions to its blacklist for attachments. The company acknowledges that these extensions pose a threat because hackers can use them to target users with malicious files designed to plant malware, exploit security flaws or carry out other nefarious actions upon execution.

The extensions to be added fall into the following five categories:

  • Python extensions: .py, .pyc, .pyo, .pyw, .pyz, .pyzw
  • PowerShell extensions: .ps1, .ps1xml, .ps2, .ps2xml, .psc1, .psc2, .psd1, .psdm1, .psd1, .psdm1
  • Certificate management extensions: .cer, .crt, .der
  • Java extensions: .jar, .jnlp
  • Extensions used by vulnerabilities: .appcontent-ms, .settingcontent-ms, .cnt, .hpj, .website, .webpnp, .mcf, .printerexport, .pl, .theme, .vbp, .xbap, .xll, .xnk, .msu, .diagcab, .grp

Read more: Outlook on the Web to Block File Extensions for PowerShell, Python, and More

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.