Free Republic

'Unfixable' Word password hole exposed
ZD Net ^ | 1/8/04 | Munir Kotadia

Posted on 01/07/2004 4:13:38 PM PST by UB355

A simple hack to Word's password-protection feature means documents may not be as secure as users believe. No fix is on the way, says Microsoft

Microsoft Word documents that use the software's built-in password protection to avoid unauthorised editing can easily be modified using a relatively simple hack that was published on a security Web site last Friday.

The password-protection feature in Microsoft Word -- activated by clicking on Tools/Protect Document -- can be bypassed, disabled or deleted at will, with the help of a simple programming tool called a hex editor. The hack does not leave a trace, meaning an unauthorised user could remove the password protection from a document, edit it, and then replace the original password.

Microsoft was informed about the vulnerability in late November by Thorsten Delbrouck, chief information officer of Guardeonic Solutions, which is a subsidiary of German security specialist Infineon Technologies. In early December, Microsoft denied there was a problem because, the company said, the password-protection feature is not intended to provide "fool-proof protection for tampering or spoofing" but is "merely a functionality to prevent accidental changes of a document".

This view is questioned by Delbrouck, who told ZDNet UK that the "feature" poses serious legal implications for companies. He explained that one of his company's hardware suppliers is Dell, which emails its quotes on a form-protected Word document. What happens, asked Delbrouck, if Dell sends him an offer, he uses the hack to modify the offer in his favour, then signs it and faxes it back? "We would probably end up in court and an expert would probably look at the original document and say, 'this document is protected by a password that the customer could not have known. It has not been modified because the protection is still active and the document still has its original password,'" Delbrouck said.

Following Delbrouck's revelations, Microsoft updated its Knowledge Base article 822924, titled "Overview of Office features that are intended to enable collaboration and that are not intended to increase security" to include the following warning to users: "When you are using the 'Password to Modify' feature, a malicious user may still be able to gain access to your password."

Delbrouck said there is no solution to the problem. Instead of using the protect feature, he advises companies sending sensitive information to use digital signatures or a different document format altogether, such as Adobe's PDF, which he has recommended to Dell in Germany.

Microsoft was not available for comment.


TOPICS: Miscellaneous; Technical
KEYWORDS: computersecurity; microsoft
Anybody with a Mac knows how easy it is to bypass the password-protection feature for the PC application versions of Office. Much simpler than using a hex editor.
1 posted on 01/07/2004 4:13:39 PM PST by UB355

To: bd476
Bump for later reading.
3 posted on 01/07/2004 4:19:49 PM PST by bd476 (New Year's Resolution: Decrease FR online time to 1 hour a day... 23 more to go!)

To: UB355
Not surprising to me. Microsoft hasn't even distributed a fix for the bogus URL vulnerability in IE, and it's been over a month since I've seen chatter about it. Essentially, the vulnerability allows a bad guy to display any URL in the Address line even though you're actually at a different site.

A third-party entity HAS released a fix however, but it has bugs.

4 posted on 01/07/2004 4:21:30 PM PST by Johnny_Cipher ("... and twenty thousand bucks to complete my robot. My GIRL robot.")

To: UB355
the password-protection feature is not intended to provide "fool-proof protection for tampering or spoofing" but is "merely a functionality to prevent accidental changes of a document".

Exactly. This is a non-issue. Anyone who assumed this was cryptologically secure probably thinks passworded Zip files and any number of other "protection" systems are secure. Duh..

5 posted on 01/07/2004 4:22:11 PM PST by Leroy S. Mort

To: Leroy S. Mort
Right on. If you want your document to be set in stone, use Adobe Acrobat.
6 posted on 01/07/2004 4:23:59 PM PST by xrp

To: UB355
What idiot uses Microsoft Word's password features anyway? If you're writing something that should never be seen by anyone else, there are a bazillion other means to be secure. *sigh*
7 posted on 01/07/2004 4:41:09 PM PST by PureSolace (I love freedom.)

To: xrp
There are ways around Acrobat too - ask the Russian programmer who got in trouble a year or two ago.
8 posted on 01/07/2004 4:43:56 PM PST by LPStar

To: xrp
You forgot your sarcasm tag.

Better fix it. Someone might think you were serious.

9 posted on 01/07/2004 4:44:39 PM PST by Knitebane

To: UB355
Mac or Windows - anyone relying on MS Word to protect a doc.doc from changes or inspection is a Maroon.
10 posted on 01/07/2004 4:45:40 PM PST by bwteim (Begin With The End In Mind)

To: PureSolace
Yep, I think I will open up a Word Doc in Ultra Edit so I can hack it. The password protection feature of Word is kind of like car door locks, designed to keep out the casual thief.
11 posted on 01/07/2004 4:49:46 PM PST by stylin_geek (Koffi: 0, G.W. Bush: (I lost count))

To: UB355
Delbrouck said there is no solution to the problem

Maybe the solution is to use pen and paper.

12 posted on 01/07/2004 5:05:01 PM PST by Age of Reason

To: Knitebane
Sorry, I always forget it because 97% of my posts are sarcasm. This post not included.
13 posted on 01/07/2004 5:09:40 PM PST by xrp

To: Leroy S. Mort
Exactly. This is a non-issue. Anyone who assumed this was cryptologically secure probably thinks passworded Zip files and any number of other "protection" systems are secure. Duh..

All depends on what the security is required for. I often email .zip files encrypted with fairly short passwords. The passwords would not be resistant to any sort of brute-force attack, but if I receive a file that's encrypted with the right password odds are reeaaally good it didn't come from a Melissa-worm or anything similar.

14 posted on 01/07/2004 5:15:14 PM PST by supercat (Why is it that the more "gun safety" laws are passed, the less safe my guns seem?)

To: bwteim
Is that like Burgundy or Purple?
15 posted on 01/07/2004 5:43:40 PM PST by CGASMIA68

To: t1b8zs
More like puce...
16 posted on 01/07/2004 8:46:30 PM PST by null and void (One hand giveth, the other taketh away...)

To: null and void; t1b8zs
heheh
17 posted on 01/08/2004 7:30:45 AM PST by bwteim (Begin With The End In Mind)

To: UB355
Anybody with a Mac knows how easy it is to bypass the password-protection feature for the PC application versions of Office. Much simpler than using a hex editor.

Anyone who relies on Microsoft's non-durable password protection schemes for legal purposes deserves to lose in court.

18 posted on 01/08/2004 7:33:23 AM PST by Lazamataz (I stole this tagline from Conspiracy Guy. I beat him up and took it. That's because I can.)

To: stylin_geek
Yep, I think I will open up a Word Doc in Ultra Edit so I can hack it. The password protection feature of Word is kind of like car door locks, designed to keep out the casual thief.

I'm pretty sure that opening a locked door (as in the modification of a contract) is against the law. I would not like to try this on a company that can afford lawyers, like Dell.

19 posted on 01/08/2004 7:38:28 AM PST by js1138

To: Lazamataz
Just e-mail the documents encrypted with PGP and digitally sign. Forget simple Zip/Word passwords.
20 posted on 01/08/2004 7:38:35 AM PST by 4CJ (Dialing 911 doesn't stop a crime - a .45 does.)