Microsoft has announced improved protections for users of its OneNote application to protect against malicious attacks. OneNote, an Office suite component typically used for note taking and task management, was vulnerable to malicious files being attached to documents, which could be executed without warning to the user. In response, Microsoft is now blocking the opening of embedded files with dangerous file extensions, such as scripts and executables. The blocked files will only be allowed to be opened from the user’s device to ensure proper security measures are taken. Microsoft 365 administrators will be able to set policies to block additional file types or allow specific types to be opened.
Malware delivery through OneNote documents has surged in recent years, prompting Microsoft to take action and protect OneNote users. The new security feature will begin to roll out in April, and will be available to all users by January 2024. This change will impact OneNote in Microsoft 365 on Windows devices as well as retail versions of Office 2021, Office 2019, and Office 2016.
Microsoft advises that administrators be cautious when allowing specific file types to be opened in OneNote, as they can make the application and other Office applications less secure. The company warns that malicious scripts and executables can cause harm if clicked by the user.
In conclusion, Microsoft has taken measures to improve the security of OneNote by blocking the opening of dangerous embedded files. The protection will apply to users of OneNote in Microsoft 365 on Windows devices, as well as retail versions of Office 2021, Office 2019, and Office 2016. Administrators should be cautious when allowing specific file types to be opened in OneNote, as malicious scripts and executables can cause harm if clicked by the user.
Key Points:
- Microsoft has announced improved protections for OneNote users with automatic blocking of embedded files with dangerous extensions.
- Malware delivery through OneNote documents has surged in recent years, prompting Microsoft to take action and protect users.
- The new security feature will begin to roll out in April and will be available to all users by January 2024.
- Administrators should be cautious when allowing specific file types to be opened in OneNote, as they can make the application and other Office applications less secure.