Test Blog

"This update to our Content Security Policy adds an additional layer of protection by blocking unauthorized scripts, further helping safeguard your organization against evolving security threats," Kokkalera added. This move is part of Microsoft's Secure Future Initiative (SFI), a company-wide effort launched two years ago, in November 2023, following a report from the Cyber Safety Review Board of the U.S. Department of Homeland Security, which found that the company's security culture was "inadequate and requires an overhaul." As part of the same initiative, Microsoft also updated Microsoft 365 security defaults to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols, disabled all ActiveX controls in Windows versions of Microsoft 365 and Office 2024 apps.