Word and Excel document insecurity – January 2005


Office for Mere Mortals
Your beginners guide to the secrets of Microsoft Office
Invalid email address
Tips and help for Word, Excel, PowerPoint and Outlook from Microsoft Office experts.  Give it a try. You can unsubscribe at any time.  Office for Mere Mortals has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy

We look at some reader feedback on the Word and Excel document decryption problem for January 2005.

Thanks to all the readers who gave us feedback on the Word and Excel document decryption problem mentioned in the last Office Watch article.

Readers seem divided into two roughly equal camps – those that are appalled that such a simple workaround to encrypted documents could have been allowed to go unfixed by Microsoft – and those who are appalled that anyone would trust any encryption method provided by Microsoft.

Microsoft has been customarily silent on the matter and we’ve had no reply to our enquiries. We can tell you that the problem can include documents that have RC4 encryption.

To clarify what is needed to make the decryption hack work – you need two versions of a document created with the same stream key. Two exact copies (ie the original and a backup) are no good – the two documents
need to be similar but not the same (for example a previous version of a document before some revisions).

We look with interest to seeing what Microsoft comes up with. Since this problem has been known on the MS campus for sometime there’s no real excuse for a delay in releasing details, workarounds and fixes.

 

subs profile e1563205311409 - Word and Excel document insecurity - January 2005
Latest news & secrets of Microsoft Office

Microsoft Office experts give you tips and help for Word, Excel, PowerPoint and Outlook.

Give it a try. You can unsubscribe at any time.  Office Watch has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy
Invalid email address