orca icon indicating copy to clipboard operation
orca copied to clipboard

Published 20 hours ago verified publisher icon cammurray

Issue with Check 117 Action for Unknown Malicious URLs in messages

Open rs-seccompsme2 opened this issue 2 years ago • 1 comments

This check no longer works with the updates that MSFT made to move the global settings into the individual policies now. image

There is no longer a property for IsEnabled. Instead now each policy has three values:

  • EnableSafeLinksForEmail
  • EnableSafeLinksForTeams
  • EnableSafeLinksForOffice

The existing check should be updated for URLs in Email messages and one check should be added for Teams and the existing Safe Links Enablement for Office (Check 169) should be updated to not only check the ATP policy but also within each Safe Links policy for the EnableSafeLinksForOffice value.

rs-seccompsme2 avatar Aug 11 '22 18:08 rs-seccompsme2

I have my own version of this module and I have already updated the code in this check. And the check-169 as well as created one for Teams. Let me know if you want me to post the code it here.

rs-seccompsme2 avatar Aug 11 '22 19:08 rs-seccompsme2

Checked in changes which deprecate check 117 and check 169, three checks 236 (Email), 237 (Teams), and 238 (Office Docs) which check their respective Safe Links flags. Will be in 2.3

cammurray avatar May 02 '23 07:05 cammurray