- Outlook -Stop shows inline SVG images to limit phishing and malware -risici
- Microsoft continues to retire risky features across Office and Windows platforms for protection
- The company balances user impact with certainty, ensuring that SVG -staple -staples remain fully supported
Malicious use of SVG files has become more and more common in recent years, when attackers rely on the format to deliver malware and build phishing sites.
In response, Microsoft changes how Outlook handles this type of content and now prevents inline SVG images from appearing in Outlook for the web or in the new Windows views.
In a Microsoft 365 message center update, the tech giant said, “Inline SVG pictures no longer appear in Outlook for the web or the new views for Windows. Instead, users will see blank spaces where these images would have appeared.”
A little impact
However, Microsoft does not fully block SVG files.
“SVG images sent as classic attachments will continue to be supported and visible from the affiliation well. This update helps mitigate potential security risks, such as cross-site scripting (XSS) attacks,” the company added.
Microsoft says fewer than 0.1% of images in Outlook use this method, so the impact on typical communication must be less.
The decision is part of Microsoft’s wider strategy to reduce the number of features that attackers can abuse.
Over the past several years, the company has retired or limited functions in both office and windows that have been used in phishing or malware campaigns.
Earlier in 2025, the Outlook Web and Outlook for Windows began blocking. Librar-Ms and .Search-MS files, which Bleeping computer Notes had been exploited in attacks against government targets since at least 2022.
Microsoft has also implemented protection against macros and additions in its productivity software. Changes include Blocking VBA Contorm Causes by default, adding the protection of Excel 4.0 macros, deactivating non-confined XLL supplies and Activex controls in Microsoft 365 and Office 2024 apps and removal of support for VBScript.
The full list of formats now blocked is available to view in Microsoft’s documentation here.
Follow Techradar on Google News and Add us as a preferred source To get our expert news, reviews and meaning in your feeds. Be sure to click the Follow button!
And of course you can too Follow Techradar at Tiktok For news, reviews, unboxings in video form and get regular updates from us at WhatsApp also.
