Microsoft is finally cracking down on one of its biggest Windows security risks

Microsoft is finally cracking down on one of its biggest Windows security risks


Office Microsoft OneNote review

(Image credit: Microsoft OneNote)

Microsoft  has shared more details about an important security update to OneNote, through which it hopes address the growing issue of its program increasingly being used to push ransomware and other types of malware.

In a new Microsoft 365 support document (opens in new tab), the company listed a total of 120 file extensions that will soon be blocked in OneNote. Among the file types .XLL, .ISO, .BAT, and .JS stand out. 

These extensions will also be blocked in other Office 365 (opens in new tab)programs such as Outlook, Word, Excel, or PowerPoint. 

Blocking files 

While previously, trying to open a OneNote file with a suspicious attachment would bring up a warning notification, the new update will prevent the file from being opened – at all. Instead, the user will be met with a warning dialog saying “Your administrator has blocked your ability to open this file type in OneNote”.

The changes will roll out in Version 2304 in Current Channel (Preview) to OneNote for Microsoft 365, on Windows-powered devices, either in April, or May, this year, it was said. Retail versions of Office 2021, Office 2019, and Office 2016 (Current Channel) will also be updated to reflect these changes, however, volume-licensed versions of Office (Office Standard 2019, or OFfice LTSC Professional Plus 2021) will not get the update.

OneNote on the web, OneNote for Windows 10, OneNote for Mac, or OneNote for Android/iOS will not be updated, as well. 

Ever since Microsoft blocked its productivity apps from running macros, hackers have been looking for a viable alternative to deliver malware. Among the different methods one stood out – OneNote files with malicious attachments. The practice has gotten so tremendously popular, so quickly, that it forced Microsoft’s hand and triggered the upcoming update. 

Another popular method of malware delivery is phishing emails with .ISO files attached which, by sideloading malicious .DLL files, successfully download stage-two payloads to unsuspecting victims’ endpoints.

Via: BleepingComputer (opens in new tab)

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read More

No Comments

Post A Comment

Would you like to receive notifications on our latest price cuts and free product drops? No Yes