Microsoft 365 Boosts Security: Legacy File Access Protocols RPS & FrontPage RPC Phased Out July 2025

Microsoft routinely phases out outdated protocols used to access its services, primarily to reduce the potential attack surface. As time passes, older protocols often become vulnerable to flaws and exploits that can be leveraged by malicious actors.

The latest protocol slated for deprecation is the file access protocol RPS, used within Microsoft 365 services. Beginning in mid-July, Microsoft will disable legacy file authentication protocols across Microsoft 365, Office applications, SharePoint, and OneDrive.

Once deprecated, applications and services that rely on the Relying Party Suite (RPS) or FrontPage Remote Procedure Calls will no longer be able to use browser-based authentication to access Office files. This move is expected to significantly bolster Office’s security posture.

Microsoft explains that the RPS protocol is severely outdated, rendering it susceptible to brute-force attacks and phishing schemes. Likewise, FrontPage Remote Procedure Calls—originally intended for remote web development—are prone to various vulnerabilities that can compromise system integrity.

According to Microsoft’s timeline, authentication based on these two legacy protocols will be disabled starting in mid-July 2025, with full enforcement completed by August. Enterprises and developers still relying on these protocols must transition to modern alternatives to avoid disruptions.

Notably, no manual updates are required by organizations—Microsoft will implement the changes directly via the cloud. Once in effect, Microsoft 365 will require administrator consent for third-party access to files and sites.

Rate this post

Related Posts:

Found this helpful?

Leave a Reply Cancel reply