Microsoft Excel Now Blocks Dangerous External Workbook Links | Sync Up

213

Big news if you use Microsoft Excel. Starting in October 2025, Microsoft is making a change that will block certain files from being linked in Excel. We’ll cover why this update is happening and how you can keep things connected as we sit down and sync up with Rocket IT’s weekly technology update.

In this episode, you’ll hear more about:

  • What’s changing in Excel and why
  • How hackers use hidden files
  • The types of files on Microsoft’s block list
  • What happens if your files get blocked
  • How to keep your team secure and connected

Video Transcript

For those who use Excel regularly, you’ve likely linked one workbook to another in order to pull in information automatically. But beginning in October, if you try to connect to a file type that’s on Microsoft’s block list, Excel isn’t going to allow it.

Specifically, Microsoft is targeting external link. In Excel, that’s when one spreadsheet pulls information from a different file on your computer or network. For example, you might have a master report that grabs updated numbers from separate monthly files—those connections are called external links.

Now, it’s not the links themselves causing the issue, it’s the types of files at the other end of the link that can create problems. These are file types that Microsoft considers unsafe, because hackers have used them in the past to hide malware or set up phishing attacks.

Now, I mentioned phishing attacks, and that’s honestly the most common way these links are being abused. For example, imagine you open a spreadsheet that, in the background, connects to another file; maybe an old add-in, a script, or a file format rarely used for normal business. Hackers love linking to these file types because it’s an easy way to sneak in something dangerous, all through what looks like a regular Excel link. Should you download and open one of these malicious files, you’re likely giving cybercriminals access to your computer, your company’s data, or even your entire network.

Obviously, for hackers, this change by Microsoft is a big deal because attackers have been using these backdoor-style links for years to get around the usual protections in Excel. By blocking them by default, Microsoft is closing off one of the easiest paths hackers have used to get inside businesses.

So, what exactly is on the block list? Microsoft has a Trust Center setting that lists all the file types known to be risky. Some of the most notable are files with old Excel add-ins, files with specific macro chains, certain ActiveX controls, and uncommon Windows file types that link to library and search functions. If you try to connect to one of these using Excel’s external links, you’ll either get blocked or see an error. Inspecting the error message will confirm it’s because of a restricted file type.

Now, if your company just so happens to rely on these types of files to share data, you can manually change the settings, but I wouldn’t suggest it since doing so opens the door right back up to the same threats. The bottom line is this, Microsoft is stepping up to protect businesses and users from one of the most common ways hackers spread malware and steal information. It’s all about making Excel safer, even if it means adjusting how some people work with files.

If you’re not sure how these changes will affect your team, or if you need help updating your files or adjusting your workflow, reach out to Rocket IT using the link in this video’s description. And to stay up to date on trending technology news, hit that subscribe button and the bell to catch us on next week’s episode of Sync Up with Rocket IT.

Related Posts

Subscribe to Rocket IT's Newsletter

Stay up to date on trending technology news and important updates.

CTA2

Find out if Rocket IT is the right partner for your team

Claim a free consultation with a technology expert.

Fed up with IT support that falls short?

Claim a free 30-minute consultation and explore three key practices to evaluate the maturity of your help desk.