Microsoft has announced that it will begin to disable the outer workbook link for the default by default by default by default between October 2025 and July 2026.
After the rollout, the Excel Workbook referring to the blocked file types will display or fail to refresh a #Blocked error, which eliminates the safety risks associated with reaching to unable or reaching high-risk file types, but not limited, fishing attacks, which use workbooks, which uses a malicious paybook to revive the targets.
This change is being introduced as a new FilebloCKEXTERNALLINKS group policy, which expands the file block settings to include the external workbook link.
As the company explained in one Microsoft 365 Admin Center Message On Wednesday, Microsoft 365 will showcase a commercial bar warning of this upcoming change, when opening the workbooks with external links for the blocked file types starts with the build 2509.
However, after updating for the construction of 2510, if the policy is unconfirmed, the users will no longer be able to refresh or create new contexts for blocked file types.
“If not configured, no change will be effective immediately. However, from starting from October 2025, the default behavior will block the external link to file the currently blocked types by the Trust Center,” the company said.
“We recommend reviewing existing workbooks and communicating this change for users who rely on the external link to ensure the continuity of workflow.”
Microsoft 365 Admins who want to refresh the external link for blocked file types, can edit HKCU \ software \ Microsoft \ office
Since the beginning of the year, the company has also added .library-MS and .Search-MS file types, which are in the list of blocked outlook attachments and have begun to discontinue all activex controls in Windows versions of Microsoft 365 and Office 2024 applications.
These changes are part of a comprehensive effort to remove or disable the office and windows features, which have been exploited to infect the microsoft users with malware.
The initiative began in 2018 when Microsoft expanded support for its entimware scan interface (AMSI) in Office 365 client apps, enabled to block attacks using the office VBA macro.
Since then, the company has started blocking VBA Office Macros by default, introduced XLM macro protection, disabled Excel 4.0 (XLM) Macrose announced that it will soon kill VBSCRIPT, and began to block the unidentified XLLL Ads in Microsoft 365 tenants. Will give
Earlier today, Microsoft also announced that it has increased the bounty payment to $ 40,000 for some .NET and ASP.NET core weaknesses.
CISOS knows how to purchase a board begins with a clear, strategic approach how the cloud safety runs the business price.
This helps to introduce the risk, impact and priorities to the free, editable board report deck deck security leaders in clear business terms. Convert security updates into meaningful conversations and take fast decision in boardroom.
