Forum Discussion
New Outlook opens security hole
I checked with our escalations team, and the feature you are asking for, which is to prevent end users from adding their personal or third-party accounts is being developed. We do not have an exact ETA on when it will be rolled out, but it's a high priority item requested by other enterprise organizations, so hopefully soon.
In the meantime, the workaround to mitigate the security risks is to disable the new Outlook, either by hiding the toggle switch, restricting mailbox connections, or both.
Hope the provided information has addressed your concern,
Regards!
While we wait for Microsoft to provide a way to block 3rd party email from being added by end users, we were able to completely disable New Outlook following the steps in this article:
https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-on-the-web/enable-disable-employee-access-new-outlook
We also deployed a registry change to end users with PowerShell to remove the button from Outlook. Run in user context because the key is HKCU
Set-ItemProperty -Path 'HKCU:\SOFTWARE\Microsoft\office\16.0\Outlook\Options\General' -Name "HideNewOutlookToggle" -Value 1
- OITCONZMay 06, 2024Copper ContributorWe have found this fails in some situations. for example, client clicking on a /msg file has the new Outlook Experience wizard pop up even though it used to just let you import / open .msg files. This registry key is not able to resolve all issues with stopping the new Outlook experience
- PrincedsMay 22, 2024Copper Contributor
Hello,
We got the new outlook recently in the client machines, We applied the OWA policy to block the personal email accounts in new outlook . The OWA policy is worked for hotmail and outlook.com, but not for gmail account. Also found another strange behavior that the policy is working as expected, when adding the gmail as a secondary account (My work account is a default one in new outlook),
However I can able to setup the gmail as a default account (Primary), seems to be the policy is not working in this scenario .
Is there any fix for this?