blog.icewolf.ch

Let's talk about IT!
posts - 1924, comments - 295, trackbacks - 0

My Links

Archives

Post Categories

icewolf

Exchange Online Protection Common Attachment Filter Update

Hallo zusammen,

Microsoft hat im M365 Defender Portal das GUI für die Antimalware File Types überarbeitet.
Bisher waren nur folgende 13 File Extensions im Common Attachment Filter vorhanden.
  • ace
  • ani
  • app
  • cab
  • docm
  • exe
  • iso
  • jar
  • jnlp
  • reg
  • scr
  • vbe
  • vbs



Neu sind bis zu 96 Extensions in einer Liste auswählbar.


Get-MalwareFilterPolicy -Identity <Identity> | select -ExpandProperty FileTypes | measure


Get-MalwareFilterPolicy -Identity <Identity> | select -ExpandProperty FileTypes


Nun sind folgende 96 Extensions auswählbar

  • ace
  • ani
  • app
  • docm
  • exe
  • jar
  • reg
  • scr
  • vbe
  • vbs
  • ade
  • adp
  • asp
  • bas
  • bat
  • cer
  • chm
  • cmd
  • com
  • cpl
  • crt
  • csh
  • der
  • dll
  • dos
  • fxp
  • gadget
  • hlp
  • Hta
  • Inf
  • Ins
  • Isp
  • Its
  • js
  • Jse
  • Ksh
  • Lnk
  • mad
  • maf
  • mag
  • mam
  • maq
  • mar
  • mas
  • mat
  • mau
  • mav
  • maw
  • mda
  • mdb
  • mde
  • mdt
  • mdw
  • mdz
  • msc
  • msh
  • msh1
  • msh1xml
  • msh2
  • msh2xml
  • mshxml
  • msi
  • msp
  • mst
  • obj
  • ops
  • os2
  • pcd
  • pif
  • plg
  • prf
  • prg
  • ps1
  • ps1xml
  • ps2
  • ps2xml
  • psc1
  • psc2
  • pst
  • rar
  • scf
  • sct
  • shb
  • shs
  • tmp
  • url
  • vb
  • vsmacros
  • vsw
  • vxd
  • w16
  • ws
  • wsc
  • wsf
  • wsh
  • xnk

Oder man kann die Liste auf 159 erweitern. Ich habe mir die Erweiterungen aus folgenden Quellen zusammengetragen

URL (Quellen) 

Beschreibung 

Vom Office Fat Client blockierte Dateiendungen 

Zusätzliche Office Files mit Makros 

Weitere Dateiendungen welche in OWA blockiert werden 


Set-MalwareFilterPolicy -Identity Default -FileTypes @("ace","ani","app","docm","exe","jar","reg","scr","vbe","vbs","ade","adp","asp","bas","bat","cer","chm","cmd","com","cpl","crt","csh","der","dll","dos","fxp","gadget","hlp","Hta","Inf","Ins","Isp","Its","js","Jse","Ksh","Lnk","mad","maf","mag","mam","maq","mar","mas","mat","mau","mav","maw","mda","mdb","mde","mdt","mdw","mdz","msc","msh","msh1","msh1xml","msh2","msh2xml","mshxml","msi","msp","mst","obj","ops","os2","pcd","pif","plg","prf","prg","ps1","ps1xml","ps2","ps2xml","psc1","psc2","pst","rar","scf","sct","shb","shs","tmp","url","vb","vsmacros","vsw","vxd","w16","ws","wsc","wsf","wsh","xnk","appcontent-ms","appref-ms","aspx","arj","asx","cdxml","cnt","diagcab","dotm","grp","hpj","hta","htc","img","inf","ins","iso","isp","its","jnlp","jse","ksh","lnk","lzh","mcf","msu","osd","pl","potm","ppsm","pptm","printerexport","psd1","psdm1","pssc","py","pyc","pyo","pyw","pyz","pyzw","r25","r18","r14","r01","settingcontent-ms","tar","theme","udl","vbp","vhd","vhdx","webpnp","website","wsb","xbap","xlam","xll","xlm","xlsm","xltm","xlw","xps") -EnableFileFilter $true -ZapEnabled $true



Liebe Grüsse
Andres Bohren


Print | posted on Friday, November 12, 2021 11:44 AM | Filed Under [ Exchange ]

Powered by:
Powered By Subtext Powered By ASP.NET