Scan Messages for Unsafe Files [CHK-1626]
This check verifies if messages in Microsoft Teams are scanned for unsafe files.
Rationale
Microsoft Teams can be exploited by attackers to distribute malware and malicious files. The FileTypeCheck feature for Teams blocks files with dangerous extensions, preventing malware distribution. Without this feature, your organization is at risk of malware, ransomware infections, data breaches, or system compromise.
Fix
An automated fix is available through Attic.
Manual steps:
- Open PowerShell and connect to Teams using the Teams PowerShell module with the command:
Connect-MicrosoftTeams. - Check the current setting with the command:
Get-CsTeamsMessagingConfiguration -Identity Global | Select-Object FileTypeCheck. - Enable file type checking with the command:
Set-CsTeamsMessagingConfiguration -Identity Global -FileTypeCheck Enabled. - Verify the change by repeating step 2. The value of FileTypeCheck should now be "Enabled".
Impact
Users will no longer be able to send or receive files with blocked extensions. If they attempt to do so, they will see an error message. This may disrupt legitimate use of certain file types, requiring alternative methods for file sharing.