Microsoft OneNote will soon be blocking the opening of 120 dangerous file extensions to help address the ongoing phishing attacks pushing malware. Word and Excel documents with malicious macros were the attack vector of choice until mid December 2022, when Microsoft finally disabled macros by default. Threat attackers have since pivoted to using OneNote documents with embedded malicious files and scripts. Currently OneNote provides a warning when the embedded file and scripts are opened or executed. With the security improvements, the users will no longer have the choice as the file will be blocked. The change will being rolling out in Version 2304 between late April 2023 to late May 2023.
This segment was created for the It’s 5:05 podcast