New file protection in Teams chat and channels blocks unsafe content

Originally posted by Microsoft Sep 8, 2025 Uncategorized 0 Comments

Microsoft Teams will block messages containing unsafe, weaponizable file types in chats and channels starting September 2025 (targeted release) and November 2025 (general availability). Admins can enable this protection via Teams Admin Center or PowerShell. Blocked files include executables and other risky formats to reduce malware risks.

Microsoft Teams is introducing a new protection feature that blocks messages containing weaponizable file types—such as executables—in chats and channels. This helps reduce the risk of malware and file-based attacks by preventing unsafe content from being shared. This message applies to Teams for Windows desktop, Teams for Mac desktop, Teams for the web, and Teams for iOS/Android.

This message is associated with Roadmap ID 499892.

When this will happen

  • Targeted release (Worldwide): Starts early September 2025; expected to complete by mid-September 2025.
  • General Availability (Worldwide): Starts early November 2025; expected to complete by mid-November 2025.

How this affects your organization

Once enabled, Teams will automatically block messages that include weaponizable file types. This applies to both internal and external conversations.

  • Recipients will see a notification that a message was blocked but cannot access the content.
  • Senders will receive a notification and can edit and resend the message without the unsafe file.

user settings
View image in new tab

Targeted release vs. General Availability behavior:

  • Targeted release: Protection is enforced only when all organizations in the conversation have the feature enabled. This feature is off by default and requires admin activation.
  • General Availability: Protection is enforced if at least one participant has the feature enabled. This feature is on by default. Admin settings saved during Targeted Release will remain unchanged.

What you can do to prepare

Admins can enable this protection in the Teams Admin Center:

  1. Go to the Teams Admin Center
  2. Navigate to Messaging Settings
  3. Turn on the setting: Scan messages for file types that are not allowed

user settings
View image in new tab

Alternatively, use PowerShell with the -FileTypeCheck parameter.

Once enabled, all users in your tenant will begin seeing file protection applied in their messages.

Blocked file types include:

ace, ani, apk, app, appx, arj, bat, cab, cmd, com, deb, dex, dll, docm, elf, exe, hta, img, iso, jar, jnlp, kext, lha, lib, library, lnk, lzh, macho, msc, msi, msix, msp, mst, pif, ppa, ppam, reg, rev, scf, scr, sct, sys, uif, vb, vbe, vbs, vxd, wsc, wsf, wsh, xll, xz, z

Learn more: 

Compliance considerations




Compliance Area Explanation
Does the change modify how users can access, export, delete, or correct their personal data within Microsoft 365 services? Blocked messages are not delivered, which may affect access to the original message content. Recipients of messages with disallowed file types will not receive the message or its attachments.

Message ID: MC1148540

Comments are closed.

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: