When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Password protection in Microsoft Word criticized

Microsoft Word documents that use the software's built-in password protection to avoid unauthorized editing can easily be modified using a relatively simple hack that was recently published on a security Web site.

Known as the Password to Modify feature, the password-protection mechanism in Microsoft Word can be bypassed, disabled or deleted with the help of a simple programming tool called a hex editor. The hack does not leave a trace, meaning an unauthorized user could remove the password protection from a document, edit it and replace the original password.

Microsoft was informed about the vulnerability in late November by Thorsten Delbrouck, chief information officer of Guardeonic Solutions, which is a subsidiary of German security specialist Infineon Technologies. In a Knowledge Base article published in early December, Microsoft denied there was a problem because, the company said, the password-protection feature is not intended to provide "fool-proof protection for tampering or spoofing," but is "merely a functionality to prevent accidental changes of a document." "(When) you use the Password to Modify feature, the feature is functioning as intended even when a user with malicious intent bypasses the feature," the technical support document explained. "The behavior occurs because the feature was never designed to protect your document or file from a user with malicious intent."

News source: C|Net News.com

Report a problem with article
Next Article

AMD Delivers 64-bit Processors for Notebooks

Previous Article

Sony expands Minidisk size

Join the conversation!

Login or Sign Up to read and post a comment.

-1 Comments - Add comment