Outlook Users Must Not Open These 2 Files, Microsoft Warns
Don't be fooled by all the headlines into thinking it is only Gmail users who are exposed to ongoing security threats. All email users are targets of threat actors, including Outlook, and many of the methods used in such cyberattacks are identical. This is certainly the case when it comes to the use of attachments to distribute malware or entice victims into taking the bait during a phishing attack. Microsoft has now announced that, starting in July, it will block two file types that have been observed in email-based attacks earlier this year. But don't wait for the OwaMailboxPolicy default policy update to arrive; be aware that you must not open these attachments between now and then. Here's what you need to know if you use Outlook Web or the latest Outlook for Windows.
Microsoft has now confirmed that, with effect in 'early July,' the list of blocked attachments for users of Outlook Web and Outlook for Windows will be updated to include two new file types that are known to be dangerous.
The BlockedFileTypes list that forms part of the default OwaMailboxPolicy will be updated to include both .library-ms and .search-ms as 'part of our ongoing efforts to enhance security in Outlook Web and the New Outlook for Windows,' Microsoft said in an official announcement.
This is important stuff, as one of these file types, .library-ms which comprises Windows Lib ray files, was part of an attack against organizations exposing NTLM password hashes, as I reported in March.
Anything that can help reduce the flow of attacks deployed by cybercriminals targeting email users has to be a good thing, and this ongoing action from Microsoft is a welcome move for the impacted Outlook users.
The good news is that, as Microsoft confirmed, the newly blocked file types are rarely used, so the blocking should have little impact on most organizations. 'However, if your users are sending and receiving affected attachments,' Microsoft said, 'they will report that they are no longer able to open or download them in Outlook Web or the New Outlook for Windows.'
Everyone should be aware that opening attachments within Outlook can be a very risky business. Do not wait until July if you use the OwaMailboxPolicy for protection, get educated and ensure you don't open these dangerous file types beforehand.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Insider
13 minutes ago
- Business Insider
Microsoft CEO calls job cuts in the midst of big profits the 'enigma of success' in internal memo
This story is available exclusively to Business Insider subscribers. Become an Insider and start reading now. Microsoft CEO Satya Nadella sent a note to employees on Thursday trying to explain why the company has cut thousands of jobs while generating huge profits and spending billions on AI. "This is the enigma of success in an industry that has no franchise value," Nadella wrote. "Progress isn't linear. It's dynamic, sometimes dissonant, and always demanding. But it's also a new opportunity for us to shape, lead through, and have greater impact than ever before." Microsoft this year has said it would shed about 15,000 employees and cut nearly 2,000 additional staff deemed underperformers. Related video Meanwhile, the company's net income has totaled roughly $75 billion over the latest three fiscal quarters. Microsoft is also spending $80 billion on AI infrastructure investments. The stock is up 21% this year, and hit a record earlier in July. Nadella acknowledged what he called the "uncertainty and seeming incongruence of the times we're in." "By every objective measure, Microsoft is thriving—our market performance, strategic positioning, and growth all point up and to the right," Nadella wrote. "We're investing more in CapEx than ever before. Our overall headcount is relatively unchanged, and some of the talent and expertise in our industry and at Microsoft is being recognized and rewarded at levels never seen before. And yet, at the same time, we've undergone layoffs." Nadella penned a similar note in 2023. That year, Microsoft announced its first massive layoff of the post-pandemic era and also paused raises. At the time, some employees blasted the CEO for praising the company's successes without acknowledging those tough moves. This time, the CEO took a more balanced approach. Read Nadella's full memo: As we begin a new fiscal year, I've been reflecting on the road we've traveled together and the path ahead. Before anything else, I want to speak to what's been weighing heavily on me, and what I know many of you are thinking about: the recent job eliminations. These decisions are among the most difficult we have to make. They affect people we've worked alongside, learned from, and shared countless moments with—our colleagues, teammates, and friends. Please help BI improve our Business, Tech, and Innovation coverage by sharing a bit about your role — it will help us tailor content that matters most to people like you. What is your job title? (1 of 2) Entry level position Project manager Management Senior management Executive management Student Self-employed Retired Other What products or services can you approve for purchase in your role? (2 of 2) Advertising / Marketing Client / Account Management Company strategy HR / Training / Office support Managing budgets IT / Telecoms / Tech Recruiting new employees Sales Software development Financial Other None of the above Continue By providing this information, you agree that Business Insider may use this data to improve your site experience and for targeted advertising. By continuing you agree that you accept the Terms of Service and Privacy Policy Thanks for sharing insights about your role. I want to express my sincere gratitude to those who have left. Their contributions have shaped who we are as a company, helping build the foundation we stand on today. And for that, I am deeply grateful. I also want to acknowledge the uncertainty and seeming incongruence of the times we're in. By every objective measure, Microsoft is thriving—our market performance, strategic positioning, and growth all point up and to the right. We're investing more in CapEx than ever before. Our overall headcount is relatively unchanged, and some of the talent and expertise in our industry and at Microsoft is being recognized and rewarded at levels never seen before. And yet, at the same time, we've undergone layoffs. This is the enigma of success in an industry that has no franchise value. Progress isn't linear. It's dynamic, sometimes dissonant, and always demanding. But it's also a new opportunity for us to shape, lead through, and have greater impact than ever before. The success we want to achieve will be defined by our ability to go through this difficult process of "unlearning" and "learning." It requires us to meet changing customer needs, by continuing to maintain and scale our current business, while also creating new categories with new business models and a new production function. This is inherently hard, and few companies can do both. But I have full confidence that we can, and we will once again find the resolve, courage, and clarity to deliver on our mission in this new paradigm. With that context, I want to re-ground ourselves in our why, what, and how: our mission, our priorities, and our culture. Our why: mission What does achieving our mission look like and feel like for us as a company? When Microsoft is succeeding, the world around us must succeed too. This is why each of us chose to be here, and as a company it's how we earn our social permission to operate. When Bill founded Microsoft, he envisioned not just a software company, but a software factory, unconstrained by any single product or category. That idea has guided us for decades. But today, it's no longer enough. We must reimagine our mission for a new era. What does empowerment look like in the era of AI? It's not just about building tools for specific roles or tasks. It's about building tools that empower everyone to create their own tools. That's the shift we are driving—from a software factory to an intelligence engine empowering every person and organization to build whatever they need to achieve. Just imagine if all 8 billion people could summon a researcher, an analyst, or a coding agent at their fingertips, not just to get information but use their expertise to get things done that benefit them. And consider how organizations, empowered with AI, could unlock entirely new levels of agility and innovation by transforming decision-making, streamlining operations, and enabling every team to achieve more together than ever before. That's the empowerment our mission enables, creating local surplus in every company, community, and country. And that's our opportunity ahead. Our what: priorities To deliver on our mission, we need to stay focused on our three business priorities: security, quality, and AI transformation. We are doubling down on the fundamentals while continuing to define new frontiers in AI. Security and quality are non-negotiable. Our infrastructure and services are mission critical for the world, and without them we don't have permission to move forward. We've made substantial progress across SFI, QEI, and Engineering Thrive this year, and they remain top priorities to ensure that we continuously improve our innovation velocity and our operational metrics. We will reimagine every layer of the tech stack for AI—infrastructure, to the app platform, to apps and agents. The key is to get the platform primitives right for these new workloads and for the next order of magnitude of scale. Our differentiation will come from how we bring these layers together to deliver end-to-end experiences and products, with the core ethos of a platform company that fosters ecosystem opportunity broadly. Getting both the product and platform right for the AI wave is our North Star! Our performance this past year has positioned us well. And we must move forward with the intentionality and intensity that these industry shifts demand. Our how: culture Growth mindset has served us well over the last decade—the everyday practice of being a learn-it-all, not a know-it-all. It has reshaped our culture and helped us lead with greater humility and empathy. We need to keep that. It starts with each of us as individuals and our personal drive to learn, improve, and get better every day. Professional rewards, growth, and pride in our craft will always be the prime drivers. Beyond that, we each have the opportunity to connect our personal passion and philosophy of how we derive meaning from the work we do with Microsoft's mission to empower the world. This is what makes it all worthwhile. This platform shift is reshaping not only the products we build and the business models we operate under, but also how we are structured and how we work together every day. It might feel messy at times, but transformation always is. Teams are reorganizing. Scopes are expanding. New opportunities are everywhere. It reminds me of the early '90s, when PCs and productivity software became standard in every home and every desk! That's exactly where we are now with AI. Years from now, when you look back at your time here, I hope you'll say: "That's when I learned the most. That's when I made my biggest impact. That's when I was part of something transformational." What we've learned over the past five decades is that success is not about longevity. It's about relevance. Our future won't be defined by what we've built before, but by what we empower others to build now. And I know that with your dedication, drive, and hard work we can go win together, and change the world in the process. I look forward to sharing more at Earnings next week and addressing your questions at our next Town Hall. Satya
The Verge
14 minutes ago
- The Verge
OpenAI prepares to launch GPT-5 in August
Earlier this year, I heard that Microsoft engineers were preparing server capacity for OpenAI's next-generation GPT-5 model, arriving as soon as late May. After some additional testing and delays, sources familiar with OpenAI's plans tell me that GPT-5 is now expected to launch as early as next month. OpenAI CEO Sam Altman recently revealed on X that 'we are releasing GPT-5 soon' and even teased some of its capabilities in a podcast appearance with Theo Von earlier this week. Altman decided to let GPT-5 take a stab at a question he didn't understand. 'I put it in the model, this is GPT-5, and it answered it perfectly,' Altman said. He described it as a 'here it is moment,' adding that he 'felt useless relative to the AI' because he felt like he should have been able to answer the question but GPT-5 answered it instantly. 'It was a weird feeling.' GPT-5 had already been spotted in the wild before Altman's appearance on This Past Weekend, fueling speculation that the next-generation GPT model was imminent. I understand OpenAI is planning to launch GPT-5 in early August, complete with mini and nano versions that will also be available through its API. I reached out to OpenAI to comment on the launch of GPT-5 in August, but the company did not respond in time for publication. Altman referred to GPT-5 as 'a system that integrates a lot of our technology' earlier this year, because it will include the o3 reasoning capabilities instead of shipping those in a separate model. It's part of OpenAI's ongoing efforts to simplify and combine its large language models to make a more capable system that can eventually be declared artificial general intelligence, or AGI. The declaration of AGI is particularly important to OpenAI, because achieving it will force Microsoft to relinquish its rights to OpenAI revenue and its future AI models. Microsoft and OpenAI have been renegotiating their partnership recently, as OpenAI needs Microsoft's approval to convert part of its business to a for-profit company. It's unlikely that GPT-5 will meet the AGI threshold that's reportedly linked to OpenAI's profits. Altman previously said that GPT-5 won't have a 'gold level of capability for many months' after launch. Unifying its o-series and GPT-series models will also reduce the friction of having to know which model to pick for each task in ChatGPT. I understand that the main combined reasoning version of GPT-5 will be available through ChatGPT and OpenAI's API, and the mini version will also be available on ChatGPT and the API. The nano version of GPT-5 is expected to only be available through the API. While GPT-5 looks likely to debut in early August, OpenAI's planned release dates often shift to respond to development challenges, server capacity issues, or even rival AI model announcements and leaks. Earlier this month, I warned about the possibility of a delay to the open language model that OpenAI is also preparing to launch, and Altman confirmed my reporting just days after my Notepad issue by announcing a delay 'to run additional safety tests and review high-risk areas.' I'm still hearing that this open language model is imminent and that OpenAI is trying to ship it before the end of July — ahead of GPT-5's release. Sources describe the model as 'similar to o3 mini,' complete with reasoning capabilities. This new model will be the first time that OpenAI has released an open-weight model since its release of GPT-2 in 2019, and it will be available on Azure, Hugging Face, and other large cloud providers. Microsoft made security its top priority last year, following years of security issues and mounting criticism after a scathing report from the US Cyber Safety Review Board. The company has been working to improve its 'inadequate' security culture ever since. But this week, we were reminded of Microsoft's challenges once again. A major security flaw in Microsoft's on-premises versions of SharePoint allowed hacking groups to exploit a zero-day vulnerability and breach more than 50 organizations — including the US nuclear weapons agency. Security researchers discovered the vulnerability was being exploited on July 18th, and Microsoft issued an alert a day later. Microsoft engineers then spent all weekend working on patches and released updates for SharePoint Subscription Edition and SharePoint 2019 late on July 20th. A patch for SharePoint 2016 servers was released on the morning of July 22nd. The previously unpatched flaw appears to have originated from a combination of two bugs that were presented at the Pwn2Own hacking contest in May. Microsoft has linked the attacks to two hacking groups that are affiliated with the Chinese government, but the company hasn't disclosed exactly how hackers were able to bypass its patches to create a zero-day exploit. The security flaw was only exploitable through on-premises versions of SharePoint, so the Microsoft 365 version of SharePoint Online was unaffected. This certainly limited the scale of damage, but the targeted nature of these attacks will be hugely concerning for Microsoft and the company's customers. It's also likely to accelerate a move away from these older versions of SharePoint, which are in the extended support phase until July 2026. Complicating the concern around Microsoft's security practices is a new report from ProPublica that warns of a little-known Microsoft program that could expose the US Defense Department to Chinese hackers. Microsoft has been using engineers in China to help maintain the department's computer systems, with digital escorts that reportedly lack the technical expertise to properly police foreign engineers. It's a troubling development after the Office of the Director of National Intelligence called China the 'most active and persistent cyber threat to US Government, private-sector, and critical infrastructure networks.' On the same day the SharePoint exploit was discovered, Microsoft's head of communications, Frank Shaw, responded to the ProRepublica report and announced changes to 'assure that no China-based engineering teams are providing technical assistance for DoD Government cloud and related services.' Sources tell me that Microsoft's escort program has now been locked down to only US-based employees for its government cloud data centers in Fairfax, Virginia. Microsoft's entire threat protection teams were warned about the change on July 23rd, and there are 'no exceptions' to the lockdown. Still, it's surprising that such a program even existed, and Microsoft will now face some big questions around why it was using China-based engineers to maintain Defense Department systems. Sen. Tom Cotton has already asked the secretary of defense to look into Microsoft's practices, and I'm sure Microsoft's security teams are about to be busier than ever this summer. I'm always keen to hear from readers, so please drop a comment here, or you can reach me at notepad@ if you want to discuss anything else. If you've heard about any of Microsoft's secret projects, you can reach me via email at notepad@ or speak to me confidentially on the Signal messaging app, where I'm tomwarren.01. I'm also tomwarren on Telegram, if you'd prefer to chat there. Thanks for subscribing to Notepad. Posts from this author will be added to your daily email digest and your homepage feed. See All by Tom Warren Posts from this topic will be added to your daily email digest and your homepage feed. See All AI Posts from this topic will be added to your daily email digest and your homepage feed. See All Microsoft Posts from this topic will be added to your daily email digest and your homepage feed. See All Notepad Posts from this topic will be added to your daily email digest and your homepage feed. See All OpenAI Posts from this topic will be added to your daily email digest and your homepage feed. See All Tech
Geek Wire
an hour ago
- Geek Wire
Microsoft contains SharePoint security wildfire, but questions linger about on-premises software
Microsoft's latest vulnerability impacted on-premises SharePoint software. (GeekWire File Photo / Todd Bishop) Editor's note: This is a guest analysis from Christopher Budd, who previously spent a decade at the Microsoft Security Response Center (MSRC). Emergency security teams know summer weekends are made for work. Last weekend was a reminder of that industry truism with Microsoft's SharePoint vulnerability (CVE-2025-53770). It's a classic 'remote code execution' vulnerability that only affects on-premises SharePoint servers. It can give an attacker full control over a system without authentication. If you can access the system on the internet, you can attack it and take it over. We saw attackers around the world using it quickly to establish a foothold on vulnerable networks, frequently using webshells like we saw happen with Microsoft Exchange in 2012 and 2022 with the ProxyShell and ProxyNotShell attacks. The attacks were another classic 'zero day' situation, with a new vulnerability under attack and no patch initially available. This time, Microsoft published information broadly within a day and started releasing patches within two days of the event breaking, a nearly unprecedented speed of response for them. Microsoft execs got the word out with each new development, providing clear, urgent direction. Certainly, when we look at the response, it was faster and better than we saw with ProxyNotShell. It was another example of Microsoft showing that when it needs to, it can pull out the stops with its security response, much like it did with SolarWinds in December 2020. Microsoft has also steered clear recently of the kinds of major breaches that plagued the company from March 2022 through January 2024, when corporate and cloud systems were breached by three major threat actor groups (Lapsu$, Storm-0558, Midnight Blizzard). RELATED STORY Microsoft grapples with another security breach: The latest on the SharePoint attacks Taken altogether, we can think of this as a wildfire that was identified and contained relatively quickly. There is damage from it, and teams are coming off (yet another) very long summer weekend. But compared to what this could have been, this situation was merely bad, not awful. Yet this vulnerability also exposes a fundamental tension: While Microsoft's response was exemplary, the fact that we're still seeing critical zero-day flaws in on-premises products raises questions about where these systems fit in Microsoft's cloud-first, AI-focused future. Where does securing on-premises software like Exchange, SharePoint, and, yes, Windows (which includes ActiveDirectory) get prioritized in the company's Secure Future Initiative? The well-oiled Patch Tuesday machine that I and others helped build in the early 2000s continues to chug along. But the number of patches continues to increase and the level of innovation and development around Patch Tuesday has generally dropped off in recent years. As a case in point, Microsoft promised 'no reboot' patches in the late 2000s. I distinctly recall that we promised this as 'coming soon' on the security bulletin webcasts I hosted then. But no-reboot patches never materialized at the time. While Microsoft is delivering on this promise, finally, it has taken more than 15 years, and the company is implementing it in a way that is clearly focused on the enterprise space — at a cost to users and tied to the company's cloud offerings. In today's cloud-and-AI era, many organizations still rely on on-premises systems like SharePoint for essential operations. Microsoft's swift response to this latest vulnerability proves it can rise to the occasion. But as the company accelerates its cloud-first agenda, it's fair to ask: Will on-premises software receive the same level of care and innovation? The latest fire may be out, but that burning question remains.
