Microsoft has announced plans to quickly block embedded files with “hazardous extensions” in OneNote adhering to experiences that the notice-having service is becoming more and more abused for malware supply.
Up until finally now, people have been proven a dialog warning them that opening this kind of attachments could harm their laptop and info, but it was probable to dismiss the prompt and open up the information.
That is likely to change heading ahead. Microsoft said it intends to stop end users from directly opening an embedded file with a risky extension and screen the concept: “Your administrator has blocked your capability to open up this file kind in OneNote.”
The update is anticipated to start off rolling out with Variation 2304 later on this month and only impacts OneNote for Microsoft 365 on units managing Windows. It does not affect other platforms, like macOS, Android, and iOS, as nicely as OneNote variations offered on the web and for Windows 10.
“By default, OneNote blocks the very same extensions that Outlook, Term, Excel, and PowerPoint do,” Microsoft reported. “Malicious scripts and executables can result in harm if clicked by the person. If extensions are included to this allow for record, they can make OneNote and other applications, these kinds of as Term and Excel, much less secure.”
The list of 120 extensions are as follows –
.ade, .adp, .application, .software, .appref-ms, .asp, .aspx, .asx, .bas, .bat, .bgi, .cab, .cer, .chm, .cmd, .cnt, .com, .cpl, .crt, .csh, .der, .diagcab, .exe, .fxp, .gadget, .grp, .hlp, .hpj, .hta, .htc, .inf, .ins, .iso, .isp, .its, .jar, .jnlp, .js, .jse, .ksh, .lnk, .mad, .maf, .magazine, .mam, .maq, .mar, .mas, .mat, .mau, .mav, .maw, .mcf, .mda, .mdb, .mde, .mdt, .mdw, .mdz, .msc, .msh, .msh1, .msh2, .mshxml, .msh1xml, .msh2xml, .msi, .msp, .mst, .msu, .ops, .osd, .pcd, .pif, .pl, .plg, .prf, .prg, .printerexport, .ps1, .ps1xml, .ps2, .ps2xml, .psc1, .psc2, .psd1, .psdm1, .pst, .py, .pyc, .pyo, .pyw, .pyz, .pyzw, .reg, .scf, .scr, .sct, .shb, .shs, .theme, .tmp, .url, .vb, .vbe, .vbp, .vbs, .vhd, .vhdx, .vsmacros, .vsw, .webpnp, .website, .ws, .wsc, .wsf, .wsh, .xbap, .xll, and .xnk
THN WEBINARBecome an Incident Reaction Pro!
Unlock the strategies to bulletproof incident reaction โ Grasp the 6-Stage process with Asaf Perlman, Cynet’s IR Chief!
Do not Miss Out โ Conserve Your Seat!
Buyers who opt to still open the embedded file can do so by first preserving the file domestically to their product and then opening it from there.
The enhancement comes as Microsoft’s conclusion to block macros by default in Office environment files downloaded from the internet spurred threat actors to change to OneNote attachments to provide malware by way of phishing assaults.
In accordance to cybersecurity agency Trellix, the amount of destructive OneNote samples has been slowly escalating because December 2022, prior to ramping up in February 2023.
Located this report exciting? Adhere to us on Twitter ๏ and LinkedIn to browse more exceptional material we publish.
Some parts of this article are sourced from:
thehackernews.com