![]() ![]() ![]() The change will affect OneNote for Microsoft 365 on Windows devices. Microsoft plans to roll out the feature with Version 2304 in April. “Since Microsoft began blocking macros by default in 2022, threat actors have experimented with many new tactics, techniques, and procedures, including the use of previously infrequently observed filetypes such as virtual hard disk (VHD), compiled HTML (CHM) and now OneNote (.one),” Proofpoint said in a February blog post. In February, multiple security firms reported an unusual surge in threat actors abusing OneNote to deliver malware.Īccording to Proofpoint, six campaigns were detected using OneNote documents to deliver the AsyncRat malware in December 2022, while over 50 OneNote campaigns were discovered delivering various malware payloads in January. OneNote is a digital note-taking application bundled in the Office suite and allows users to create, organize and share notes across multiple devices. OneNote warning with new change (Credit: Microsoft) The user will instead receive a dialog stating that the administrator has restricted their ability to open the file type. The change now completely blocks suspicious OneNote attachments instead of issuing a warning if a dangerous extension is detected. JS, according to a Microsoft 365 support page. The list includes a total of 120 extensions, including. ![]() In a Microsoft 365 security update, the company announced it will block by default the same extensions as Outlook, Word, Excel, and PowerPoint to defend users against ongoing phishing attacks associated with OneNote. Microsoft improved security for OneNote by blocking files with potentially hazardous extensions from the popular note-taking software. ![]()
0 Comments
Leave a Reply. |