Slashdot Mirror
Microsoft Word Forms Passwords Hacked
An anonymous reader notes: "SecurityFocus has published a hack that can be used to unlock Microsoft Word documents that have been password protected. The 'secure' file can easily be edited and the original password re-inserted, removing any trace of the modification. A ZDNet UK article says Dell uses password protected Word files to send quotes, which could make for a messy legal battle." This feature, known as 'Password to Modify', is not the password protection on the document itself, just the protection that restricts unauthorized editing of the file. This hack allows someone to download such a file, edit it, and restore the password...effectively allowing changes to the file to go potentially unnoticed.
Is this a dupe? I could swear I've read this one before.
it is not a problem, it is a feature!
No trees were harmed in the composition of this; however, numerous electrons were inconvenienced.
I swear, you guys gave me a quote of $6.35 for a new Latitude.
that I noticed my customer was a 12 foot tall monster from the crustacious period! He looked me right in the eye and said, 'My quote for the dell says about Tree-Fitty!' and I said GOD DAMN YOU LOCHNESS MONSTER!
Actually it doesn't need a possessive. "Microsoft Word" is a noun functioning as an adjective, describing the noun 'forms'. You need to brush up, Nazi.
MS Word is what you make web pages with, right?
Right...?
I'm on a chair.
Probably someone who truly believes their software is so ubiquitous that there would be no such thing as "hostile software."
Well, what are the passwords, then?
Microsoft pointed to this Knowledge Base article. Choice quote: "Not all features that are found on the Security tab are designed to help make your documents and files more secure."
This is excellent news. The more Microsoft continues to prove itself as market leaders in security the more copies of Windows XP SP2 they can sell.;)
...
nick
Electronic Music Made Using Linux http://soundcloud.com/polyp
You're new here aren't you?
/.
Welcome to
I can't believe they found a security hole in a Microsoft product. What has the world come to.
"I hardly think that's good enough! I think it would be more appropriate if the box bore a big red label, 'WARNING: LARK'S VOMIT!'"
Our sales would plummet!
I helped a family member install a washer/dryer set. It took 220v/60hz and he hadn't installed the plug onto the bare wires.
We asked my dear cousin if the breaker was set to "off," asked her to double check, and then went to work. I went to work and accidentally bumped the wires, causing a huge arc about 2 inches in front of my eyes.
I was lucky to live, folks. I'm not sure who the bigger fool was, me or my cousin. The leson is that a wire isn't dead until you have personally checked it, and checked it again. Even then you have to be careful.
I'm pretty new to high voltage electronics and information security, but I have learned a lesson.
It seems to me that even if you use this Word feature, and know what it does, you can't count on your documents being secured. Another ignoramus will come along and screw it up and you won't know it. I really despise half solutions. They are as useful as almost making jump over the Grand Canyon.
Now, we all know what the information security equivalent to lockout/tagout is, right?
Done venting now, thanks.
Why do I have this? I don't smoke.
> IAAPN (I Am A Punctuation Nazi): the headline should read "Microsoft Word Forms' Passwords Cracked" or "Microsoft Word Forms's Passwords Cracked".
./, but true.
Apparently IKEGBTYD (I Know English Grammar Better than You Do): Wrong. Nouns being used in a partitive or atttributive sense are not possessives and do not require apostrophe + s. (You say "C compiler" and "dog food", and not "C's compiler" and "dog's food", right?)
The headline is correct. Hard to believe since this is
Il n'y a pas de Planet B.