Hackers found a way to spread malware through Microsoft OneNote. This was reported by BleepingComputer.

According to media experts, attacks using a new method based on Microsoft’s OneNote application have become more frequent among Windows users. Apparently, the attackers send the victim emails containing a modified OneNote file, a note-taking program. After starting, remote installation of rogue programs takes place on the computer.

The authors noted that a newsletter or letter to attract attention may include information that an invoice has been issued to the recipient, a package has been sent, and important business information has been sent. To run the script, the victim needs to open a OneNote file and double-click the document.

As a rule, a protective mechanism is triggered when opening such documents sent by mail. In this case, a message appears that the file may harm the operating system. However, many users ignore the message. “The best way to protect yourself from malicious attachments is not to open files from strangers”experts noted.