Introduction
Microsoft Teams is introducing a new protection feature that blocks messages containing weaponizable file types—such as executables—in chats and channels. This helps reduce the risk of malware and file-based attacks by preventing unsafe content from being shared. This message applies to Teams for Windows desktop, Teams for Mac desktop, Teams for the web, and Teams for iOS/Android.
This message is associated with Roadmap ID 499892.
When this will happen
- Targeted release (Worldwide): Starts early September 2025; expected to complete by mid-September 2025.
- General Availability (Worldwide): Starts early November 2025; expected to complete by mid-November 2025.
How this affects your organization
Once enabled, Teams will automatically block messages that include weaponizable file types. This applies to both internal and external conversations.
- Recipients will see a notification that a message was blocked but cannot access the content.
- Senders will receive a notification and can edit and resend the message without the unsafe file.
Targeted release vs. General Availability behavior:
- Targeted release: Protection is enforced only when all organizations in the conversation have the feature enabled. This feature is off by default and requires admin activation.
- General Availability: Protection is enforced if at least one participant has the feature enabled. This feature is on by default. Admin settings saved during Targeted Release will remain unchanged.
What you can do to prepare
Admins can enable this protection in the Teams Admin Center:
- Go to the Teams Admin Center
- Navigate to Messaging Settings
- Turn on the setting: Scan messages for file types that are not allowed
Alternatively, use PowerShell with the -FileTypeCheck
parameter.
Once enabled, all users in your tenant will begin seeing file protection applied in their messages.
Blocked file types include:
ace
, ani
, apk
, app
, appx
, arj
, bat
, cab
, cmd
, com
, deb
, dex
, dll
, docm
, elf
, exe
, hta
, img
, iso
, jar
, jnlp
, kext
, lha
, lib
, library
, lnk
, lzh
, macho
, msc
, msi
, msix
, msp
, mst
, pif
, ppa
, ppam
, reg
, rev
, scf
, scr
, sct
, sys
, uif
, vb
, vbe
, vbs
, vxd
, wsc
, wsf
, wsh
, xll
, xz
, z
Learn more:
- Overview of security and compliance – Microsoft Teams | Microsoft Learn (will be updated before rollout)
- Malicious URL Protection in Microsoft Teams
Compliance considerations
Compliance Area | Explanation |
---|---|
Does the change modify how users can access, export, delete, or correct their personal data within Microsoft 365 services? | Blocked messages are not delivered, which may affect access to the original message content. Recipients of messages with disallowed file types will not receive the message or its attachments. |
Source: Microsoft
Latest Posts
- Power Apps – Manage your source code for canvas apps [MC1148593]
- Dynamic video tile resizing based on occupancy count from Teams Rooms on Android [MC1148542]
- Microsoft Teams: Collaborative Notes in Chats [MC1148543]
- Simultaneous role-specific Teams Town hall and Webinar views in Teams Rooms on Windows [MC1148546]