If you think security threats only affect Gmail users, think again. All email platforms—including Microsoft Outlook—are frequent targets for cyberattacks. In fact, many of the tactics used by threat actors are the same across platforms, particularly when it comes to malicious attachments.
Microsoft has recently announced an important security update: Starting in early July, Outlook Web and the new Outlook for Windows will block two specific file types that have been used in recent email-based attacks. However, you shouldn’t wait for the update to roll out before taking action.
What’s Changing?
Microsoft will add .library-ms and .search-ms to its list of blocked file types in the default OwaMailboxPolicy. This move is part of its ongoing effort to strengthen protection for Outlook users.
For those who do send or receive these types of files, Microsoft warns that users will no longer be able to open or download them once the block goes into effect.
Why These Files?
The .library-ms extension, which relates to Windows Library files, was part of a known cyberattack earlier this year where hackers used it to expose NTLM password hashes. The .search-ms extension has also been flagged as a risk. Both are now being recognized for their potential to be weaponized in phishing or malware distribution campaigns.
What Should You Do Now?
Don’t wait for the policy update to protect yourself. Until the block is officially in place, these risky file types could still reach your inbox.
- Do not open any email attachments ending in .library-ms or .search-ms.
- Educate your team about the risks associated with these files.
- Review your organization’s email policies and consider proactively blocking these extensions in your own security tools.
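For the policy review in the last item, the following is an added example (not Microsoft's code and not part of the original article) that reports, for every Outlook on the web mailbox policy, whether the two extensions are missing from the block list or present on the allow list, which takes precedence over the block list. It assumes an Exchange Online PowerShell session is already connected; the function name and the -Apply switch are hypothetical.

```powershell
# Added example: audit Outlook on the web mailbox policies for .library-ms / .search-ms.
# Assumption: an Exchange Online PowerShell session is already open (Connect-ExchangeOnline).
# Test-RiskyOwaFileTypes and -Apply are hypothetical names chosen for this example.
function Test-RiskyOwaFileTypes {
    param(
        [switch]$Apply   # without -Apply the function only reports and changes nothing
    )

    $risky = '.library-ms', '.search-ms'

    foreach ($policy in Get-OwaMailboxPolicy) {
        # Extensions not yet on this policy's block list (-notcontains is case-insensitive)
        $missing = @($risky | Where-Object { $policy.BlockedFileTypes -notcontains $_ })

        # Extensions on the allow list; an allow entry overrides a block entry,
        # so a blocked extension that is also allowed would still be delivered
        $allowed = @($risky | Where-Object { $policy.AllowedFileTypes -contains $_ })

        # One report row per policy
        [pscustomobject]@{
            Policy           = $policy.Name
            MissingFromBlock = $missing -join ', '
            OnAllowList      = $allowed -join ', '
            Compliant        = ($missing.Count -eq 0 -and $allowed.Count -eq 0)
        }

        if ($Apply) {
            if ($missing.Count -gt 0) {
                Set-OwaMailboxPolicy -Identity $policy.Identity -BlockedFileTypes @{ Add = $missing }
            }
            if ($allowed.Count -gt 0) {
                Set-OwaMailboxPolicy -Identity $policy.Identity -AllowedFileTypes @{ Remove = $allowed }
            }
        }
    }
}

# Report only:
Test-RiskyOwaFileTypes | Format-Table -AutoSize
# Report and update every policy:
# Test-RiskyOwaFileTypes -Apply | Format-Table -AutoSize
```

Run the report first and review the rows marked non-compliant before using -Apply, since removing an allow-list entry affects any user who legitimately exchanges these files.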
Final Thoughts
Email-based threats are evolving, and even less commonly used file types can be turned into dangerous tools by cybercriminals. Microsoft’s proactive blocking of these file types is a step in the right direction—but user awareness is still your first line of defense. Stay alert, stay updated, and never assume your inbox is risk-free.