Don’t Let The Recent OneNote Exploit Threaten Your Cybersecurity
We have noticed that malware threat actors have found an exploit within OneNote and we’ve observed a significant increase in the number of malicious files delivered and opened via OneNote email attachments.
Unlike malicious Word and Excel files, OneNote malware and the associated infected files do not require the security prompt asking the end-user to allow macros, thus increasing the chances of unknowingly running the malicious executable.
What you can do
This vulnerability can be addressed by configuring your email to block these potentially malicious OneNote attachments – notably those with .one file extensions- and will only take a few minutes to apply this fix.
Here are more details about the issue.
As always, if you’re an existing TSI client, please don’t hesitate to reach out to your Account Manager at any time to help apply this fix or to learn more about this vulnerability- we’re here to help! If you’re not currently a TSI client, please share this security update with your IT support team or reach out to us at any time using the contact information below. Thank you for taking the time to read our notification and we look forward to providing any further updates as they arise.