Microsoft is expanding its list of blocked attachments in Outlook Web and Outlook for Windows to include .library-ms and .search-ms files starting in July 2025. This measure aims to prevent phishing and malware attacks exploiting these rarely used file types and enhance overall security against Windows vulnerabilities. #CVE-2025-24054 #CVE-2022-30190
Keypoints
- Microsoft will block .library-ms and .search-ms file types in Outlook Web and Outlook for Windows beginning in July 2025.
- This update is part of Microsoft’s ongoing efforts to enhance security and prevent exploitation of Windows vulnerabilities.
- The affected file types have been used in phishing and malware attacks, including exploits of CVE-2025-24054 and CVE-2022-30190.
- Most organizations will not be affected since these file types are rarely used, but adjustments can be made to allow them if needed.
- Microsoft has progressively implemented security measures like blocking macros and disabling ActiveX controls to prevent malware infections.