Microsoft OneNote is being fixed after surge in malware

An extra layer of protection is coming to the collaboration app

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsoftis adding extra protection toOneNote, one of the manyproductivity toolsincluded withMicrosoft 365, after hackers started abusing it to delivermalwareen masse.

According to a new roadmap entry for Microsoft 365, spotted recently by BleepingComputer, OneNote will display an extra warning notification when a user tries to run a high-risk file.

In the “Microsoft OneNote: improved protection against known high risk phishing file types” article, the company said the change should be live by the end of April this year.

Protecting your business from the biggest threats onlinePerimeter 81’s Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?)

Alternatives to weaponized macros

“We add enhanced protection when users open or download an embedded file in OneNote,” Microsoft said in the advisory. “Users will receive a notification when the files deem dangerous to improve the file protection experience in OneNote on Windows.”

8 essential Microsoft OneNote tips

Malicious use of Microsoft OneNote documents on the rise>Microsoft OneNote attachments are being used to spread malware

Hackers turned to OneNote after Microsoft blocked Excel from running macros in files downloaded from the internet. Macros were one of the most popular attack vectors for threat actors, but ever since the Redmond giant made the change, threat actors have been experimenting with a number of alternatives.

One that has been catching on is the distribution of OneNote files with attachments, which, like macros, can be manipulated to download and run malicious files hosted on third parties.

To make sure victims activate the attachments, the hackers would create a file that looks blurred, with a huge overlaid button saying “click here to view” or something similar. The explanation behind this approach is that the file is “protected”.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Using OneNote to deliver malware started grabbing cybersecurity pros’ attention in December last year, BleepingComputer reported, citing a Trustwave report.

Besides OneNote files, hackers have also been distributing shortcut files (.LNK), as these could come with pretty much any icon (for example, an icon of a .PDF file) and are not inherently malicious.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Your next smartwatch could be battery-free – and powered by your skin