One of the measures to be taken by Microsoft to contain the wave of corporate attacks using OneNote will be the blocking of types of files considered dangerous. When giving more details about the changes, the company released a list of no less than 120 extensions that will no longer work in the application, without even an option to open it by the user.
If before OneNote displayed an alert that the execution of attachments could bring risks, now the application will simply see a message indicating the blocking by the administrator. The ban will be applied by default from version 2304 of the software, which was already being tested by users registered in Microsoft’s preview program and should reach all users by the end of May.
In this specific case, we are talking about attached files, which arrive in fraudulent emails disguised as commercial proposals, contracts and other documents. The information is hidden behind an attachment button in the OneNote document, which displays false data but also allows malware to be installed.
According to Microsoft, system administrators will also have the option to ban additional types of data that they consider dangerous, as well as create release rules for other formats that they need to use on a daily basis – provided, of course, they are aware of the risks. By default, known types of attachments such as ASP, HLP, GRP, ISO, JS, MDB, MSC and, mainly, EXE, MSI and JS are among those blocked, as well as commands that open Windows PowerShells; check them all out:
You can also block OneNote attachments from being opened completely, no matter the file type. This was a faster measure to contain the problem, already applied by Microsoft and available in the current version of the software, which must also remain with the application of the update that prevents the execution of some specific types.
In addition to Microsoft 365, the 2021, 2019 and 2016 versions of Office will also receive the update. However, editions that work on the web or directly on mobile phones will not have access to the update, as they also do not suffer from the security problem. The novelty is part of a map of updates focused on security that extends until next year and is aimed at attacking the main means of dissemination of plagues by bandits.
Source: Microsoft
