Microsoft OneNote Security Blocks 120 File Extensions to Tighten Security

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Post Sharing

To better protect users, Microsoft has published detailed information on the dangerous embedded files that OneNote will soon block.

“To help protect you and your recipients against computer viruses, Outlook blocks the sending and receiving of certain types of files (such as .exe and certain database files) as attachments,” Microsoft.

Threat actors embed dangerous files and scripts in malicious Microsoft OneNote documents, covering them with design elements.

Following recent and ongoing phishing attacks propagating malware, Microsoft initially disclosed that OneNote will have improved security in a Microsoft 365 roadmap article released recently last month.

As Microsoft patched a MoTW, bypassed zero-day exploit to spread malware via ISO and ZIP files, and finally disabled Word and Excel macros by default, threat actors began employing OneNote documents in spear phishing campaigns around the middle of December 2022.

Blocked File Types in Outlook

 According to Microsoft, the files considered dangerous and blocked in OneNote will be aligned with those blocked in Outlook, Word, Excel, and PowerPoint.

.ade, .adp, .app, .application, .appref-ms, .asp, .aspx, .asx, .bas, .bat, .bgi, .cab, .cer, .chm, .cmd, .cnt, .com, .cpl, .crt, .csh, .der, .diagcab, .exe, .fxp, .gadget, .grp, .hlp, .hpj, .hta, .htc, .inf, .ins, .iso, .isp, .its, .jar, .jnlp, .js, .jse, .ksh, .lnk, .mad, .maf, .mag, .mam, .maq, .mar, .mas, .mat, .mau, .mav, .maw, .mcf, .mda, .mdb, .mde, .mdt, .mdw, .mdz, .msc, .msh, .msh1, .msh2, .mshxml, .msh1xml, .msh2xml, .msi, .msp, .mst, .msu, .ops, .osd, .pcd, .pif, .pl, .plg, .prf, .prg, .printerexport, .ps1, .ps1xml, .ps2, .ps2xml, .psc1, .psc2, .psd1, .psdm1, .pst, .py, .pyc, .pyo, .pyw, .pyz, .pyzw, .reg, .scf, .scr, .sct, .shb, .shs, .theme, .tmp, .url, .vb, .vbe, .vbp, .vbs, .vhd, .vhdx, .vsmacros, .vsw, .webpnp, .website, .ws, .wsc, .wsf, .wsh, .xbap, .xll, .xnk

Users will no longer have the option to access files with harmful extensions after the security upgrade goes live. Before, OneNote informed users that accepting attachments could harm their data while allowing them to open the embedded files marked as risky.

When a file is restricted, users will see a notification that reads, “Your administrator has blocked your ability to open this file type in OneNote.”

According to Microsoft, between late April and late May 2023, OneNote for Microsoft 365 on Windows devices will start to receive the modification in Version 2304 in Current Channel (Preview).

The security enhancement will not be included in volume-licensed versions of Office, such as Office Standard 2019 or Office LTSC Professional Plus 2021; it will be accessible in retail versions of Office 2021, Office 2019, and Office 2016 (Current Channel).

Nevertheless, it will not be available in OneNote on the web, OneNote for Windows 10, OneNote for Mac, or OneNote for Android or iOS devices.

Update channel Version Release date
Current Channel (Preview) Version 2304 First half of April 2023
Current Channel Version 2304 Second half of April 2023
Monthly Enterprise Channel Version 2304 June 13, 2023
Semi-Annual Enterprise Channel (Preview) Version 2308 September 12, 2023
Semi-Annual Enterprise Channel Version 2308 January 9, 2024

To block additional file extensions you might consider unsafe, activate the ‘Block additional file extensions for OLE embedding’ policy under User ConfigurationPoliciesAdministrative TemplatesMicrosoft Office 2016Security Settings and select the extensions you want to be blocked.

Also, you can activate the “Allow file extensions for OLE embedding” policy from the same area in the Group Policy Management Console and specify which extensions you want to allow if you need to enable particular file extensions that will shortly be blocked by default.

Also, you can modify the policies to suit your needs using the Cloud Policy service for Microsoft 365. Any modification you make will also impact Word, Excel, and PowerPoint.

These policies aren’t available in Microsoft Apps for Business; hence they are only available to users of Microsoft 365 Apps for Enterprise.

Network Security Checklist – Download Free E-Book

Related Read: