check before: 2025-07-01
Product:
Exchange, Microsoft 365 suite, Purview, Purview Communication Compliance, Purview compliance portal, Purview Data Loss Prevention
Platform:
Online, US Instances, Web, World tenant
Status:
Launched
Change type:
New feature, User impact, Admin impact
Links:
Details:
Summary:
Microsoft Purview Data Loss Prevention for Exchange Online will enhance detection by evaluating the actual content of files, not just their extensions. This update, rolling out from mid-July to mid-October 2025, ensures more robust compliance and security. Admins can configure rules based on true file types without prior action.
Details:
Coming soon for Microsoft Purview | Data Loss Prevention for Microsoft Exchange Online:
Before this rollout, Exchange Online relies only on the file extension (such as .docx and .pdf) to identify the type of an attachment but this approach can be bypassed if a file is renamed with a misleading extension. To address this, we're enhancing our detection logic to go beyond just the visible file extension. After this rollout, even if a file's extension is altered, Exchange will evaluate the actual content of the file to determine its true type. This ensures that policies based on file type (such as File extension is…) will remain effective and secure, even when attachments are renamed or disguised. This improvement provides you with a more robust and reliable way to enforce compliance and security rules around file sharing.
This message is associated with Microsoft 365 Roadmap ID 493291.
[When this will happen:]
Public Preview: We will begin rolling out mid-July 2025 and expect to complete by late August 2025.
General Availability (Worldwide): We will begin rolling out late August 2025 and expect to complete by late September 2025.
General Availability (GCC, GCC High): We will begin rolling out late August 2025 and expect to complete by mid-October 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2025-05-31
updated:
2025-05-31
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Increased Detection of Non-Compliant Files
With the new detection logic, there will be an increase in the number of detections for non-compliant files, which may overwhelm the existing alert systems and lead to potential false positives, impacting user experience.
- roles: Compliance Officer, IT Administrator
- references: https://learn.microsoft.com/powershell/module/exchange/new-dlpcompliancerule?view=exchange-ps, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=493291
User Confusion and Frustration
Users may experience confusion and frustration due to an increase in alerts and potential blocks on legitimate files that are misidentified, leading to disruptions in workflow and productivity.
- roles: End User, Help Desk Support
- references: https://learn.microsoft.com/powershell/module/exchange/new-dlpcompliancerule?view=exchange-ps, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=493291
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
Imagine you have a library where books are categorized by the color of their covers. If someone changes the cover of a mystery novel to look like a cookbook, it might end up in the wrong section. This is similar to how Microsoft Exchange Online used to identify file types—by looking at the "cover" or file extension, like .docx or .pdf. If someone changed the extension, the system could be tricked into misidentifying the file.
Now, think of a librarian who opens each book to read a few pages to determine its true genre, regardless of the cover. Microsoft Purview Data Loss Prevention is becoming like that librarian. It will look inside the file to understand its actual content, not just rely on the extension. This means even if someone tries to disguise a file by changing its extension, the system will still recognize what type of file it truly is.
For organizations, this means better security and compliance. Admins can set rules based on the real file type, ensuring that sensitive information is protected, even if someone tries to bypass the system by renaming files. This update will happen automatically, so there's no need for immediate action, but it's wise to review current settings and inform users about the change. This new approach helps maintain a secure and compliant environment by ensuring that files are correctly identified and managed.
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 1 week ago ago
