Microsoft to block 120 dangerous file extensions in OneNote

San Francisco, Apr 2 (IANS): Microsoft has announced that it will harden the OneNote application against phishing attacks due to ongoing phishing campaigns.

The company will block 120 high-risk file extensions once the new OneNote security improvements roll out, reports BleepingComputer.

Microsoft said the update will be implemented in the Current Channel (Preview) of OneNote for Microsoft 365 on Windows devices between late April and late May 2023.

Moreover, it also mentioned that it will align the files considered dangerous and blocked in OneNote with those blocked by Outlook, Word, Excel, and PowerPoint, according to the report.

Previously, OneNote cautioned users that opening attachments could harm their data but still allowed them to open embedded files labelled as dangerous.

However, once the security enhancement is implemented, users will no longer be able to open files with dangerous extensions, the report said.

Users will now be shown a warning dialogue when a file gets blocked: "Your administrator has blocked your ability to open this file type in OneNote".

Since mid-December 2022, hackers have been spreading malware using OneNote attachments in phishing emails, infecting victims using remote access malware that can be used to install additional malware, steal passwords, or even cryptocurrency wallets.

For years, attackers have distributed malware in emails via malicious Word and Excel attachments that launch macros to download and install malware.



Top Stories

Leave a Comment

Title: Microsoft to block 120 dangerous file extensions in OneNote

You have 2000 characters left.


Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will be held responsible.