Microsoft Word Password protection in criticized
Microsoft Word Password protection in criticized
Microsoft Word documents that use the software's built-in password
protection to avoid unauthorized editing can easily be modified using
a relatively simple hack that was recently published on a security Web
site.
Known as the Password to Modify feature, the password-protection
mechanism in Microsoft Word can be bypassed, disabled or deleted with
the help of a simple programming tool called a hex editor. The hack
does not leave a trace, meaning an unauthorized user could remove the
password protection from a document, edit it and replace the original
password.
Microsoft was informed about the vulnerability in late November by
Thorsten Delbrouck, chief information officer of Guardeonic Solutions,
which is a subsidiary of German security specialist Infineon
Technologies.
In a Knowledge Base article published in early December, Microsoft
denied there was a problem because, the company said, the
password-protection feature is not intended to provide "fool-proof
protection for tampering or spoofing," but is "merely a functionality
to prevent accidental changes of a document."
"(When) you use the Password to Modify feature, the feature is
functioning as intended even when a user with malicious intent
bypasses the feature," the technical support document explained. "The
behavior occurs because the feature was never designed to protect your
document or file from a user with malicious intent."
The software giant recommends that users who want to secure their
documents use the Password to Open feature.
However, Microsoft's assertions were questioned by Delbrouck, who said
the feature poses serious legal implications for companies. He
explained that one of his company's hardware suppliers is Dell, which
e-mails its quotes on a protected Word document. What happens, asked
Delbrouck, if Dell sends him an offer, he uses the hack to modify the
offer in his favor, then signs it and faxes it back?
"We would probably end up in court and an expert would probably look
at the original document and say, 'this document is protected by a
password that the customer could not have known. It has not been
modified because the protection is still active and the document still
has its original password,'" Delbrouck said.
Following Delbrouck's revelations, which were posted Friday, Microsoft
updated its Knowledge Base article to include the following warning:
"When you are using the 'Password to Modify' feature, a malicious user
may still be able to gain access to your password."
Delbrouck said there is no solution to the problem. Instead of using
the protect feature, he advises companies sending sensitive
information to use digital signatures or a different document format
altogether, such as Adobe's PDF, which he has recommended to Dell in
Germany.
David Bennie, Microsoft UK's Office product marketing manager, told
ZDNet UK that although Word's password protection is useful for
collaborating with colleagues, it is not a security feature and should
not be relied upon as such.
"If (users) are using it as a security feature, then that is not
correct," Bennie said. He agreed that if a company wants to transport
documents securely, it should either use digital certificates or an
application such as Adobe Acrobat that can "lock down" the document.
"If you are looking for secure encryption, you should not be using
this feature. We have lots of customers out there using password
protection, but the reason they are doing that is to stop general
users changing the text or whatever--and it works perfectly well for
that," Bennie said.
However, Delbrouck countered that Microsoft is attempting to play down
the problem because it cannot be fixed. "I doubt there is much they
can do about it, because they have to be backward-compatible with
their file format, which keeps changing," he said. "I think the only
possible solution for them was to play down the problem."
Munir Kotadia of ZDNet UK reported from London. CNET News.com's Robert
Lemos reported from San Francisco.
