Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Word Forms Passwords Hacked

Posted by Cliff on from the back-to-the-drawing-board dept.

An anonymous reader notes: "SecurityFocus has published a hack that can be used to unlock Microsoft Word documents that have been password protected. The 'secure' file can easily be edited and the original password re-inserted, removing any trace of the modification. A ZDNet UK article says Dell uses password protected Word files to send quotes, which could make for a messy legal battle." This feature, known as 'Password to Modify', is not the password protection on the document itself, just the protection that restricts unauthorized editing of the file. This hack allows someone to download such a file, edit it, and restore the password...effectively allowing changes to the file to go potentially unnoticed.

4 of 438 comments (clear)

  1. Forms by Anonymous Coward · · Score: 0, Troll

    Forms. What is it all about... is it good, or is it whack?

  2. DCMA Violation by N8F8 · · Score: 0, Troll

    Wanna bet?

    --
    "God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
  3. Re:hehe by deadsaijinx* · · Score: 0, Troll

    MS are drones.... bzzt
    Inferior human!

    --
    YOU SUCK BALLS!
  4. Re:Nothing New by rifter · · Score: 1, Troll

    Now I'm not sure what MS does to "enhance" these encryption types, but there it is, for what it's worth... (I wonder if Whitfield knows his name is contained within MS Word? ;)

    Probably they have embraced and extended them, rendering them incompatable with other products which use such standards and less secure than they would have been otherwise. :)