IDG News Service - A researcher posted instructions for circumventing a password feature in Microsoft Corp.'s popular Word word processing program.
The feature is designed to protect the content of specific elements of Word documents, such as forms or comments, from reviewers. However, a user can find and erase the password for the feature by saving the Word document as an HTML file and then viewing it with a simple text editor, according to a security alert posted Saturday to the Bugtraq security newsgroup.
Microsoft introduced a number of new security features in Word, Outlook and other products with the release of Office 2003 in October under the heading of "information rights management."
The features are based on Microsoft's Windows Rights Management Service technology, part of Windows Server 2003, and are designed to allow organizations to prevent digital content from being copied or modified without the author's knowledge. The new rights management features allow Word users to assign file permissions based on user roles, restrict printing and set expiration dates after which files cannot be opened.
Microsoft acknowledges on its Web page that the password feature is less secure than other security features, such as those allowing users to lock entire documents with a password.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
