Office 365

Microsoft OneNote Gets Enhanced Security

Microsoft OneNote is getting a security update that will help defend users from phishing attacks that push malware. ...

Microsoft OneNote is getting a security update that will help defend users from phishing attacks that push malware. Unfortunately, OneNote users have often been targets of cyberattacks and situations that could lead to the loss of important data or compromised information. The upgrade provides new security features, saving companies from significant losses.

microsoft onenoteThe Rising Threat Against Microsoft OneNote Users

Businesses around the world received notice of an increase in malware attacks from threat actors utilizing OneNote documents. Organizations rely on this platform for task management and note-taking, though it can serve other functions as well. OneNote documents are often the chosen target of hackers because these documents do not have Mark-of-the-Web protection and there are minimal warning warnings issues for any files attached to the OneNote notebooks.

Origin of Attacks

For years, macros in Microsoft Word and Excel documents were the target of hackers and threat actors. Macros are scripts that automate frequent tasks, and they presented an easy way for hackers to embed malicious code into a network or computer. Microsoft addressed this threat by changing the way the Office platform handled Visual Basic Applications macros. It disabled macros by default and moved to block them, leading hackers to find an alternative way to access a user’s information.

Cyber criminals abandoned macro-based attacks in the wake of this change and moved to using shortcut files to deliver malicious attachments. Microsoft OneNote embedded files became a target.

History of Attacks

In the summer of 2022, security researchers informed the Microsoft user community that OneNote attachments didn’t have MOTW protection. This lack of protection allowed macro-enabled documents or unsigned executables to bypass any existing protections and deliver a threat. Since the initial release of the research, a patch to prevent abuse by these bypasses was put in place. However, it did not eliminate the threat of abuse from hackers.

Another study found that between December 2022 and January 2023, more than 50 threats utilizing OneNote documents to deliver malware occurred.

Cloud Migration CTA

Types of Attacks

Malware is intrusive software designed to disrupt a server, network or computer and to steal, leak or gain unauthorized access to sensitive or private information. Malware campaigns include:

  • DoubleBack
  • AgentTEsla
  • NetWire RAT
  • AsyncRAT
  • XWorm

Users trigger such malware by opening documents and enabling editing functions, which then execute attached, malicious code. Small organizations, a single user or large corporations can all be potential targets for these sophisticated attacks.

The phishing attacks come from Microsoft OneNote documents that appear to be legitimate. However, there are dangerous scripts and files hidden within the design elements of the document. When users engage with the document and allow permissions to make changes, they inadvertently release the malware. It takes just one user on a company network to threaten an entire organization’s digital security.

Changes to Microsoft OneNote Functions To Improve Security

Microsoft is taking steps to safeguard client data and operating systems within OneNote. Following the ongoing trouble with phishing attacks pushing malware, the software giant revealed new security measures for the program. Once the improvements roll out in full, 120 specific file extensions have designations as dangerous and won’t be able to be opened. Microsoft 365 released the complete list online.

Additionally, users will receive more notice concerning potentially harmful files and be prohibited from opening them. In the past, OneNote would give users a warning that an attachment was a possible threat to their data but users could exit the warning and continue opening the document. The new security feature doesn’t give users the option to open the file.

Users will see a popup with a warning dialogue concerning the blocked file. It will read, “Your administrator has blocked your ability to open this file type in OneNote.” Users can circumvent the warning by first saving the document locally on the device before opening it.

The Release Date for Microsoft OneNote Changes

The updates to the security features will be available in late April and late May of 2023. The release is for Version 2304 of Current Channel Preview and OneNote for Microsoft 365 on Windows devices. In June, Monthly Enterprise Channel Version 2304 will be available, with the Semi-Annual Enterprise Channel Preview of Version 2308 having access in September. The Semi-Annual Enterprise Channel Version 2308 gets access in January 2024.

Retail versions of Office 2016, Office 2019 and Office 2021 will have the security improvement, but those with volume-licensed versions of Microsoft Office won’t have access to the new features. This would include users of Office LTSC Professional Plus 2021 or Office Standard 2019.

Security updates won’t be available on OneNote on the Web, OneNote for Mac users and those with Windows 10. Mobile access using OneNote apps on iOS or Android devices won’t have the new protective features either.

The Additional Security Options for Microsoft OneNote

The OneNote security features align with file types typically blocked in Word, Outlook, PowerPoint and Excel. However, you can take additional steps to block file extensions you consider a threat to your network or system through User Configuration features. You can also tailor security policies according to your preference through the Cloud policy service for Microsoft 365 if you’re an enterprise user, as well as implement data backups to keep your information secure.

Office 365 Backup CTA

Get Help for Your Microsoft OneNote Concerns

Malware attacks can lead to the theft or the loss of your company’s data and secure information. While Microsoft itself is taking action to address security concerns with Microsoft OneNote, it’s also important for your organization to invest in secure data storage and backup. Contact the team at Cloudficient to find out how a cloud system can reduce your cybersecurity concerns.

With unmatched next generation migration technology, Cloudficient is revolutionizing the way businesses retire legacy systems and transform their organization into the cloud. Our business constantly remains focused on client needs and creating product offerings that match them. We provide affordable services that are scalable, fast and seamless.

If you would like to learn more about how to bring Cloudficiency to your migration project, visit our website, or contact us.

Similar posts