Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Microsoft Word Password loop hole (Article)

  • 11-05-2004 4:09pm
    #1
    Registered Users, Registered Users 2 Posts: 15,956 ✭✭✭✭


    This only works if you can actually open the file and it is locked for editing or copying.

    Interesting do
    From:
    http://news.zdnet.co.uk/software/windows/0,39020396,39118935,00.htm
    A simple hack to Word's password-protection feature means documents may not be as secure as users believe. No fix is on the way, says Microsoft

    Microsoft Word documents that use the software's built-in password protection to avoid unauthorised editing can easily be modified using a relatively simple hack that was published on a security Web site last Friday.

    The password-protection feature in Microsoft Word -- activated by clicking on Tools/Protect Document -- can be bypassed, disabled or deleted at will, with the help of a simple programming tool called a hex editor. The hack does not leave a trace, meaning an unauthorised user could remove the password protection from a document, edit it, and then replace the original password

    I actually tried this in a simpler way, I opened a file that was password protected and saved it as html and I could copy, paste, edit etc.


Comments

  • Registered Users, Registered Users 2 Posts: 19,396 ✭✭✭✭Karoma


    old news.


    "When you use a feature that is designed to enable a collaboration scenario but is not designed to help make your document or file more secure, for example you use the Password to Modify feature, the feature is functioning as intended even when a user with malicious intent bypasses the feature. This behavior occurs because the feature was never designed to help protect your document or file from a user with malicious intent."


    Translate to: "it's a feature, not a bug!"


  • Registered Users, Registered Users 2 Posts: 15,956 ✭✭✭✭Villain


    Originally posted by Karoma
    old news.

    Correct, but I done a search on this forum and didn't see it, if it was posted here before I apologise, but then its only old if you have already seen it:D


  • Registered Users, Registered Users 2 Posts: 19,396 ✭✭✭✭Karoma


    could have sworn somebody posted it here (Security forum if i remember correctly) - but yeah, a search doesn't bring it up... *shrug*


Advertisement