Skip to content

New Outlook’s blocked images problem

The new Outlook for Windows has a safety setting that might stop you seeing images in emails and is another privacy breach by Microsoft to snoop at customers data. It’s buried deep in the software and turned on automatically.

Deep in the Settings for Outlook (new) is a way to block images in messages when they are considered a security risk. It’s misleadingly called “Always use the Outlook service to load images”

External images

Some external images can pose a security risk.

Outlook helps protect your data by loading these images through our service.

If you choose not have Outlook load your images, you risk exposing your device to malicious content. Learn more

  • Always use the Outlook service to load images
  • Don’t use the Outlook service to load images

This setting is at Settings | General | Privacy and data | (choose a mail account) then scroll down to ‘External images’.

This option only applies to non-Microsoft mailboxes, like Gmail and using the “Outlook service” is the default.

What’s happening?

Images embedded in an email body send information about your computer back to the sending computer. There’s nothing unusual about this because every web page (and part of a web page) requires the same information exchange.

Some hackers use images in malicious emails to get those technical details, sometimes called ‘Spy Pixels’ from any computer displaying the message.

The so-called “Outlook service” is really a way for the images to be routed to Microsoft’s security service for checking before passing along to your computer.  That means the email images are revealed to Microsoft.

This also isn’t new because all data from non-Microsoft mailboxes is routed through Microsoft’s servers with the new Outlook, see Beware the privacy trap in the Outlook (new).

“Outlook service” means Microsoft servers

Microsoft has chosen the misleading term “Outlook service” to describe what they are doing. That makes it seem like something in the Outlook software on your computer – but it’s not.

The “Outlook service” is really Microsoft server software that gets the image, does some (vague) security checks, then sends to you.

According to Microsoft

Microsoft says:

If you choose not to use the Outlook service to load external images, your personal data might be at risk,

More suspicious customers might point out that having Microsoft interfere in loading external data is itself putting personal data at risk!

The problem

Leaving aside the important privacy risk, there’s also the chance that Microsoft’s protections could block an image you want to see. 

In other words Microsoft’s security gets it wrong or over-zealous (a risk with any security system).  In tech terms a “false positive”.

What to do?

If you don’t like Microsoft’s unnecessary intrusion, then turn the external images option OFF.  However, if you’re concerned about Microsoft’s practices then it’s unlikely you’d be using non-Microsoft accounts with new Outlook.

Keep the external images option in mind. If an image isn’t appearing in an email, it might be worth checking if the feature is blocking the picture wrongly.

Beware the privacy trap in the Outlook (new)

All the Outlook solutions to ‘Spy Pixels’ in emails

About this author

Office-Watch.com

Office Watch is the independent source of Microsoft Office news, tips and help since 1996. Don't miss our famous free newsletter.