When considering what is a dangerous file type, we strike a balance between file types that:
- Have a high security threat.
- Are commonly used and would place additional burden on users if considered unsafe.
When it comes to protecting your organization, it is also important that:
- You realize that just about any file type can contain a security threat, but that this doesn't make that file type inherently malicious. For example, Microsoft Office, .GIF, and .PDF files are not considered dangerous, yet they can contain vulnerabilities.
- Your users are aware of the potential threats of clicking on a URL. Our Targeted Threat Protection product protects your organization by blocking specific file types. If enabled, it's user awareness setting can also educate users of the risks of clicking on a URL.
- Attachment Management policies can be used to block, hold, or strip attachments.
The following file types are considered malware and therefore blocked:
|Dangerous File Types|
|A - C||.a6p, .ac, .acr, .action, .adp, .air, .apk, .app, .applescript, .awk, .bas, .bat, .bin, .chm, .cmd, .com, .cpl, .crt, .csh|
|D - F||.dek, .dld, .dll .drv, .ds, .ebm, .elf, .emf, .esh, ._exe, .exe, .ezs, .fky, .frs, .fxp|
|G - I||.gadget, .gpe, .gpu, .hlp, .hms, .hta, .icd, .iim, .inf, .ins, .inx, .ipa, .ipf, .isp, .isu|
|J - L||.jar, .js, .jse, .jsx, .kix, .ksh, .lib, .lnk|
|M - O||.mcr, .mde, .mel, .mem, .mpx, .mrc, .ms, .msc, .msi, .msp, .mst, .mxe, .obs, .ocx, .out, .osx|
|P - R||.pas, .pcd, .pex, .pif, .plsc, .pm, .prc, .prg, .pvd, .pwc, .py, .pyc, .pyo, .qpx, .rbx, .reg, .rgs, .rox, .rpj|
|S - U||.scar, .scpt, .scr, .script, .sct, .seed, .sh, .shb, .shs, .spr, .sys, .thm, .tlb, .tms, .u3p, .udf, .url|
|V - Z||.vb, .vbe, .vbs, .vbscript, .vdo, .vxd, .wcm, .widget, .wmf, .workflow, .wpk, .ws, .wsc, .wsf, .wsh, .xap, .xqt, .zlq|