So most organisations use Microsoft Office in some way. Even if it they do not use it, someone will email them a Word or Excel document. You cannot avoid it – even on a Mac or Linux computer.
That makes it a juicy target for threat actors – there are lots of potential victims many without training in the basics of cyber security.
Microsoft recently fixed the macro problem with Office – that had been around since hackers discovered macros were the perfect way to deliver an attack. That was about thirty minutes after Microsoft launched the feature in about 1992!
So the hackers had to go looking elsewhere in Office. OneNote has proved useful to them now they are abusing the executables – using the legitimate files as part of their attacks:
Hackers can abuse Microsoft Office executables to download malware – BleepingComputer
It is just another example why anti-virus is only the first step in cyber protection.
Anti-virus – This is why you need more and better…
Defence-in-Depth – The Next Step
Clive Catton MSc (Cyber Security) – by-line and other articles