- Outlook stop showing SVG images online to limit the risks of Phishing and Malware
- Microsoft continues to remove risky features on Office and Windows platforms for protection
- The company balances the impact of the user with security, ensuring that SVG attachments remain fully compatible
The malicious use of SVG files has become increasingly common in recent years, and attackers depend on the format to deliver malware and build phishing pages.
In response, Microsoft is changing how Outlook handles this type of content and will now prevent SVG images online from appearing in Outlook for web or in the new perspective for Windows.
In an update of the Microsoft 365 message center, the technological giant said: “SVG online images will no longer be displayed in Outlook for Web or the New Outlook for Windows. On the other hand, users will see blank spaces where these images would have appeared.”
A small impact
However, Microsoft will not completely block SVG files.
“The SVG images sent as classic attachments will continue to be compatible and visible from the attached file well. This update helps mitigate potential security risks, such as attacks on crossed sites command sequences (XSS),” the company added.
Microsoft says that less than 0.1% of Outlook images use this method, so the impact on typical communication should be lower.
The decision is part of Microsoft’s broader strategy to reduce the amount of characteristics that attackers can abuse.
In recent years, the company has withdrawn or restricted the functions both in the office and in the windows that have been used in phishing or malware campaigns.
At the beginning of 2025, Outlook Web and Outlook for Windows began block Bleeping computer The notes had been exploited in attacks against government objectives since at least 2022.
Microsoft has also implemented macros and accessories protections in its productivity software. The changes include blocking the VBA office macros by default, add protection for Macros Excel 4.0, disable non -reliable XLL accessories and Activex controls in Microsoft 365 and Office 2024 applications, and eliminate VBScript support.
The complete list of now blocked formats is available to see in the Microsoft documentation here.
Keep PakGazette on Google News and Add us as a preferred source To get our news, reviews and opinion of experts in their feeds. Be sure to click on the Force button!
And of course you can also Keep PakGazette in Tiktok For news, reviews, video deciphes and get regular updates from us in WhatsApp also.
You may also like
