Microsoft is adding new security features for OneNote after a series of cyberattacks targeting the application.
Users will now receive a notification when opening a suspicious embedded file.
This update comes after a recent wave of phishing attacks in which hackers used maliciously crafted OneNote documents with ".one" file extensions and embedded files hidden behind overlays asking the targets to click to view the document.
- To thwart phishing attacks, researchers have recommended setting up secure mail gateways or mail servers to automatically block OneNote documents with ".one" extensions.
- Windows admins can also use Microsoft Office group policies to prevent embedded OneNote files from launching.
