Microsoft has shared extra particulars about an essential safety replace to OneNote, by which it hopes deal with the rising concern of its program more and more getting used to push ransomware and different sorts of malware.
In a brand new Microsoft 365 support document (opens in new tab), the corporate listed a complete of 120 file extensions that may quickly be blocked in OneNote. Among the many file sorts .XLL, .ISO, .BAT, and .JS stand out.
These extensions will even be blocked in different Workplace 365 (opens in new tab)packages corresponding to Outlook, Phrase, Excel, or PowerPoint.
Blocking recordsdata
Whereas beforehand, attempting to open a OneNote file with a suspicious attachment would carry up a warning notification, the brand new replace will stop the file from being opened – in any respect. As a substitute, the person will likely be met with a warning dialog saying “Your administrator has blocked your capacity to open this file sort in OneNote”.
The modifications will roll out in Model 2304 in Present Channel (Preview) to OneNote for Microsoft 365, on Home windows-powered units, both in April, or Could, this yr, it was mentioned. Retail variations of Workplace 2021, Workplace 2019, and Workplace 2016 (Present Channel) will even be up to date to mirror these modifications, nonetheless, volume-licensed variations of Workplace (Workplace Customary 2019, or OFfice LTSC Skilled Plus 2021) won’t get the replace.
OneNote on the net, OneNote for Home windows 10, OneNote for Mac, or OneNote for Android/iOS won’t be up to date, as effectively.
Ever since Microsoft blocked its productiveness apps from working macros, hackers have been in search of a viable various to ship malware. Among the many totally different strategies one stood out – OneNote recordsdata with malicious attachments. The apply has gotten so tremendously common, so rapidly, that it compelled Microsoft’s hand and triggered the upcoming replace.
One other common technique of malware supply is phishing emails with .ISO recordsdata connected which, by sideloading malicious .DLL recordsdata, efficiently obtain stage-two payloads to unsuspecting victims’ endpoints.
Through: BleepingComputer (opens in new tab)