New file protection in Teams chat and channels blocks unsafe content [MC1148540]

New file protection in Teams chat and channels blocks unsafe content [MC1148540]

Message ID: MC1148540

Introduction

Microsoft Teams is introducing a new protection feature that blocks messages containing weaponizable file types—such as executables—in chats and channels. This helps reduce the risk of malware and file-based attacks by preventing unsafe content from being shared. This message applies to Teams for Windows desktop, Teams for Mac desktop, Teams for the web, and Teams for iOS/Android.

This message is associated with Roadmap ID 499892.

When this will happen

  • Targeted release (Worldwide): Starts early September 2025; expected to complete by mid-September 2025.
  • General Availability (Worldwide): Starts early November 2025; expected to complete by mid-November 2025.

How this affects your organization

Once enabled, Teams will automatically block messages that include weaponizable file types. This applies to both internal and external conversations.

  • Recipients will see a notification that a message was blocked but cannot access the content.
  • Senders will receive a notification and can edit and resend the message without the unsafe file.

user settings

Targeted release vs. General Availability behavior:

  • Targeted release: Protection is enforced only when all organizations in the conversation have the feature enabled. This feature is off by default and requires admin activation.
  • General Availability: Protection is enforced if at least one participant has the feature enabled. This feature is on by default. Admin settings saved during Targeted Release will remain unchanged.

What you can do to prepare

Admins can enable this protection in the Teams Admin Center:

  1. Go to the Teams Admin Center
  2. Navigate to Messaging Settings
  3. Turn on the setting: Scan messages for file types that are not allowed

user settings

Alternatively, use PowerShell with the -FileTypeCheck parameter.

Once enabled, all users in your tenant will begin seeing file protection applied in their messages.

Blocked file types include:

ace, ani, apk, app, appx, arj, bat, cab, cmd, com, deb, dex, dll, docm, elf, exe, hta, img, iso, jar, jnlp, kext, lha, lib, library, lnk, lzh, macho, msc, msi, msix, msp, mst, pif, ppa, ppam, reg, rev, scf, scr, sct, sys, uif, vb, vbe, vbs, vxd, wsc, wsf, wsh, xll, xz, z

Learn more: 

Compliance considerations

Compliance Area Explanation
Does the change modify how users can access, export, delete, or correct their personal data within Microsoft 365 services? Blocked messages are not delivered, which may affect access to the original message content. Recipients of messages with disallowed file types will not receive the message or its attachments.

Source: Microsoft

Latest Posts

Pass It On
Leave a Comment

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *