Security News > 2023 > March > Microsoft to boost protection against malicious OneNote documents

Microsoft to boost protection against malicious OneNote documents
2023-03-10 14:46

Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or download a file embedded in a OneNote document - a known high-risk phishing file type.

"Users will receive a notification when the files seem dangerous to improve the file protection experience in OneNote on Windows," the company said.

What is Microsoft OneNote, and why do attackers love OneNote docs?

These notes can be used by different users to enhance collaboration, so OneNote documents are often sent from one user to another over the Internet or a network.

"Furthermore, OneNote documents do not include 'Protected View' and Mark-of-the-Web protection increasing the risk of exposure to potentially malicious files and making it attractive to cybercriminals."

Trustwave SpiderLabs researchers have documented several phishing and spear-phishing campaigns using trojanized OneNote documents to deliver malware families like Qakbot, XWorm, Icedid, Formbook, and AsyncRAT. The documents are generally posing as inquiries, statements and invoices, but once opened, they request the user to double-click on a button to view the document.


News URL

https://www.helpnetsecurity.com/2023/03/10/protection-malicious-onenote-documents/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774