Microsoft Exchange will soon block ISO files by default

News
By published

With the addition, the number of blocked files edges close to a hundred

Representational image depecting cybersecurity protection
(Image credit: Shutterstock)

In order to thwart attempts by threat actors to sneak in malware inside certain files, Microsoft is appending ISO files, along with a couple of others, to the list of file types that won’t be allowed to land in the inbox of Microsoft Exchange users.

ISO files are increasingly emerging as a popular enclosure for circulating malicious files and documents. Cybersecurity experts have warned that while Windows 10 can mount ISO files without relying on third-party tools, its contents aren’t usually scanned by the operating system.

In fact, in a recent attack, threat actors relied on this behavior to pass compromised versions of documents that escaped Microsoft Office’s Protected View protections just because they were rolled inside ISO files.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

To prevent such attacks, Microsoft has tweaked the default policies of Microsoft Exchange to make sure that all emails with ISO file attachments are now automatically quarantined, giving users some pause to approach them more cautiously.

More lethal than useful

According to MSPowerUser, the policy change in Microsoft Exchange will begin rolling out early next month in October, and is slated for completion towards the end of the month.

In addition to ISO files, Microsoft has also decided to include the .cab files, as well as .jnlp files to the list of file types banned by Microsoft Exchange, particularly for their increased use for malicious activities.

The .cab files are archive files that don’t find much use as a general-purpose archive format. On the other hand, the .jnlp files can launch Java programs over the web on any computer that has a Java Runtime Environment (JRE) installed, making them more lethal than useful from a cybersecurity perspective.

With the addition of the three file formats, the total number of file types blocked automatically by Microsoft Exchange has now reached 96.

Via MSPowerUser

TOPICS
Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
email
A Windows filetype update may have complicated cyber threat detection efforts
Outlook
Dangerous Microsoft Outlook flaw could let hackers send out malware via email
Flag of the People&#039;s Republic of China overlaid with a technological network of wires and circuits.
One of the biggest flaws exploited by Salt Typhoon hackers has had a patch available for years
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
SVG files are offering cybercriminals an easy way in with new phishing attacks
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
US government urges federal agencies to patch Microsoft 365 now
Shutterstock.com / kanlaya wanon
Microsoft Teams abused in Russian email bombing ransomware campaign
Latest in Pro
Hands typing on a keyboard surrounded by security icons
Outdated ID verification myths put businesses at risk
China
Chinese hackers targeting Juniper Networks routers, so patch now
Google Meet create custom backgrounds
More AI features are coming to Google Workspace
Mac Studio on a desk
I compared Apple's Mac Studio M3 Ultra with 10 Windows workstations and I am truly shocked by what I found
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked
Latest in News
Google Gemini Robotics
Gemini just got physical and you should prepare for a robot revolution
Lilo &amp; Stitch Official Trailer
Stitch crashes into earth and steals our hearts with the first trailer for the live-action Lilo & Stitch
GTA 5
GTA Online publisher Take-Two is gunning for a black market that’s basically heaven for cheaters
Y2K cast looking shocked
Y2K has a streaming release date on Max, so you can witness the technology uprising at home
The Discovery+ homepage
Discovery+ just got a big update to its streaming app that makes it more like Max – here are 5 great new features to try
Two Android phones on a green and blue background showing Google Messages
Struggling with slow Google Messages photo transfers? Google says new update will make 'noticeable difference'
More about pro
HeyGen

What is HeyGen? Everything we know about the AI video platform
Mac Studio on a desk

I compared Apple's Mac Studio M3 Ultra with 10 Windows workstations and I am truly shocked by what I found
iRobot Roomba Combo 205

This new Roomba finally solves the big problem I have with robot vacuums
See more latest
Most Popular
iRobot Roomba Combo 205
This new Roomba finally solves the big problem I have with robot vacuums
Google Gemini Robotics
Gemini just got physical and you should prepare for a robot revolution
Mac Studio on a desk
I compared Apple's Mac Studio M3 Ultra with 10 Windows workstations and I am truly shocked by what I found
Lilo &amp; Stitch Official Trailer
Stitch crashes into earth and steals our hearts with the first trailer for the live-action Lilo & Stitch
Y2K cast looking shocked
Y2K has a streaming release date on Max, so you can witness the technology uprising at home
China
Chinese hackers targeting Juniper Networks routers, so patch now
GTA 5
GTA Online publisher Take-Two is gunning for a black market that’s basically heaven for cheaters
Bolt Zeus 2c26-032 PCIe card
This GPU vendor I've never heard of claims its card is 10x faster than an Nvidia RTX 5090 at real time path tracing
Google Meet create custom backgrounds
More AI features are coming to Google Workspace
A mockup of the possible Apple M3 Ultra logo
Performance isn't the only reason you should buy Apple's M3 Ultra Mac Studio - it's reportedly one of the most power-efficient processors too