Date: 2023-03-31

As malware has increasingly been distributed via files embedded in or attached to OneNote documents, Microsoft has now found a solution to the security vulnerability.

OneNote will soon block 120 different file extensions. This block applies to OneNote in general and is a default that has long been active in the company's other Office applications.

The file types are now enumerated. Microsoft writes that it will align the files classified as dangerous and blocked in OneNote with those blocked in Outlook, Word, Excel and PowerPoint.

Figure: Excerpt from the Microsoft 365 roadmap

The full list includes 120 extensions, according to this Microsoft 365 support document: .ade, .adp, .app, .application, .appref-ms, .asp, .aspx, .asx, .bas, .bat, .bgi, .cab, .cer, .chm, .cmd, .cnt, .com, .cpl, .crt, .csh, .der, .diagcab, .exe, .fxp, .gadget, .grp, .hlp, .hpj, .hta, .htc, .inf, .ins, .iso, .isp, .its, .jar, .jnlp, .js, .jse, .ksh, .lnk, .mad, .maf, .mag, .mam, .maq, .mar, .mas, .mat, .mau, .mav, .maw, .mcf, .mda, .mdb, .mde, .mdt, .mdw, .mdz, .msc, .msh, .msh1, .msh2, .mshxml, .msh1xml, .msh2xml, .msi, .msp, .mst, .msu, .ops, .osd, .pcd, .pif, .pl, .plg, .prf, .prg, .printerexport, .ps1, .ps1xml, .ps2, .ps2xml, .psc1, .psc2, .psd1, .psdm1, .pst, .py, .pyc, .pyo, .pyw, .pyz, .pyzw, .reg, .scf, .scr, .sct, .shb, .shs, .theme, .tmp, .url, .vb, .vbe, .vbp, .vbs, .vhd, .vhdx, .vsmacros, .vsw, .webpnp, .website, .ws, .wsc, .wsf, .wsh, .xbap, .xll, .xnk
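An added example, not part of the original article and not Microsoft's implementation: a Python triage check that tests attachment names against the extension list above, for instance in a mail gateway or when reviewing files extracted from a notebook. The DECOYS set, the sample names and the matching rules (case-insensitive match on the final extension, trailing dots and spaces ignored) are assumptions; the article does not describe how OneNote itself matches names.

```python
from pathlib import PureWindowsPath

# The 120 extensions listed in the article above.
BLOCKED = frozenset("""
.ade .adp .app .application .appref-ms .asp .aspx .asx .bas .bat .bgi .cab .cer
.chm .cmd .cnt .com .cpl .crt .csh .der .diagcab .exe .fxp .gadget .grp .hlp
.hpj .hta .htc .inf .ins .iso .isp .its .jar .jnlp .js .jse .ksh .lnk .mad .maf
.mag .mam .maq .mar .mas .mat .mau .mav .maw .mcf .mda .mdb .mde .mdt .mdw .mdz
.msc .msh .msh1 .msh2 .mshxml .msh1xml .msh2xml .msi .msp .mst .msu .ops .osd
.pcd .pif .pl .plg .prf .prg .printerexport .ps1 .ps1xml .ps2 .ps2xml .psc1
.psc2 .psd1 .psdm1 .pst .py .pyc .pyo .pyw .pyz .pyzw .reg .scf .scr .sct .shb
.shs .theme .tmp .url .vb .vbe .vbp .vbs .vhd .vhdx .vsmacros .vsw .webpnp
.website .ws .wsc .wsf .wsh .xbap .xll .xnk
""".split())

# Assumption: a small constructed set of document-like extensions, used only
# to flag names that put a harmless-looking extension before the real one.
DECOYS = frozenset({".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"})


def classify(name: str) -> str:
    """Return 'blocked-decoy', 'blocked' or 'allowed' for one attachment name."""
    # Win32 path handling drops trailing dots and spaces, so "a.exe. " is "a.exe".
    cleaned = name.rstrip(". ")
    suffixes = [s.lower() for s in PureWindowsPath(cleaned).suffixes]
    # Only the final extension decides which handler Windows launches.
    if not suffixes or suffixes[-1] not in BLOCKED:
        return "allowed"
    if len(suffixes) > 1 and suffixes[-2] in DECOYS:
        return "blocked-decoy"
    return "blocked"


def audit(names):
    """Return {name: verdict} for every name that is not 'allowed'."""
    return {n: v for n in names if (v := classify(n)) != "allowed"}


# Constructed sample names, not taken from any real campaign.
SAMPLE = ["Q1 report.docx", "invoice.pdf.hta", "Setup.EXE. ", "notes.v2.txt", "open_me.WSF"]

if __name__ == "__main__":
    for name, verdict in audit(SAMPLE).items():
        print(f"{verdict:14} {name!r}")
```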

Threat actors have been stealthily using OneNote for so-called spear phishing campaigns since late 2022. Security experts suspect that cybercriminals use the OneNote route because the application has not received the same protection as other Microsoft Office applications.

In OneNote, users only received warnings when potentially harmful attachments were detected – but these file types were not blocked, as they are in Word, for example. The change is planned to launch in version 2304 on the Current Channel (Preview) for OneNote for Microsoft 365 on Windows devices between late April 2023 and late May 2023. The change will also roll out in the retail versions of Office 2021, Office 2019, and

(Current Channel) but not in volume-licensed versions of Office, such as Office Standard 2019 or Office LTSC Professional Plus 2021.

No security adjustments have been announced for OneNote on the web, OneNote for Windows 10, OneNote for Mac, or OneNote on Android or iOS devices.