Microsoft has announced significant security enhancements for Microsoft Teams that will strengthen protection against malware and file-based attacks through improved URL and file type filtering capabilities. The company revealed that Teams will now automatically block messages containing weaponizable file types, such as executables, in both chats and channels, while also implementing detection and warning systems for malicious URLs sent through Teams communications. These new security features are currently in development and are scheduled to begin rolling out globally to standard Microsoft 365 multi-tenant environments next month.
The security improvements extend beyond basic file and URL filtering, with Microsoft integrating Teams with the Microsoft Defender for Office 365 Tenant Allow/Block List to provide administrators with enhanced control over external communications. This integration enables security administrators to block incoming communications from blocked domains across all Teams functions including chats, channels, meetings, and calls, while also providing the ability to automatically delete existing communications from users in blocked domains. The feature is currently in targeted release and will reach general availability worldwide by late September 2025, allowing administrators to manage blocked external domains directly through the Microsoft Defender portal.
These latest security enhancements build upon a series of protective measures Microsoft has implemented throughout 2025, including a screenshot prevention feature that blacks out meeting windows when users attempt to capture sensitive information, and brand impersonation protection designed to alert users of phishing attacks targeting organizations with external Teams access. With Teams serving over 320 million monthly active users across 181 markets and 44 languages, these security improvements address critical vulnerabilities in enterprise communications platforms where cybercriminals increasingly target collaboration tools to distribute malware and conduct social engineering attacks. The comprehensive approach demonstrates Microsoft’s commitment to securing the collaboration platform that has become essential infrastructure for organizations worldwide.