Outlook Safe Mode bypass DLP agent detection
search cancel

Outlook Safe Mode bypass DLP agent detection


Article ID: 271185


Updated On:


Data Loss Prevention Endpoint Prevent Data Loss Prevention


When you launch Outlook in safe mode, you can bypass DLP agent detection.


If the user launches Outlook in Safe Mode there is nothing our endpoint agent can do to override Safe Mode and force our plugin to load.
A GPO may be able to block users from launching Outlook in Safe Mode.

This link explains how to disable Outlook safe mode in the registry:


If Outlook is not running in Safe Mode, and a non-admin tries to disable the DLP plugin, our agent will attempt to reenable the plugin.
And a message will be sent to the console indicating that the plugin has been tampered with.
Again, a GPO may be able to prevent non-admin users from disabling Outlook plugins.