Gmail to Start Blocking JavaScript Attachments from February 13, Citing Security Reasons

Gmail to Start Blocking JavaScript Attachments from February 13, Citing Security Reasons

- in Internet
331
Comments Off on Gmail to Start Blocking JavaScript Attachments from February 13, Citing Security Reasons

Gmail to Start Blocking JavaScript Attachments from February 13, Citing Security Reasons

Google has announced that it will start blocking JavaScript attachments in Gmail soon, in an attempt to reduce malicious attacks. In a blog post, the company announced that the restriction on .js file attachments will start on February 13.

Notably, .js files are not the only ones that have been blocked, as Gmail already bans use of certain file attachments like .exe, .msc, and .bat. The company says it is restricting certain file attachments for security reasons. If you try to send .js file attachments (even in compressed form) from February 13, Gmail will block the attachment and will show an in-product warning explaining the reason why.

The warning message will read, “There are a number of reasons why you may see the ‘This message was blocked because its content presents a potential security issue’ error in Gmail. Gmail blocks messages that may spread viruses like messages that include executables files or certain links.”

Google has however recommended workarounds to share .js attachment files and suggests users to do it via use of Google Drive, Google Cloud Storage, or other storage solutions to share or send files.

Google lists some of the reasons why it blocks the use of certain attachments including their compressed form (like .gz or .bz2 files) or when found within archives (like .zip or .tgz files) as they may be documents with malicious macros. Google also blocks archives whose listed file content is password protected or whose content includes a password protected archive.

One of the possible reasons for Google to block .js attachment files may be due to increasing popularity of JavaScripts as form of malware. Once malicious .js file downloaded can help attackers steal data from the system.