Microsoft Office for Windows Has Security Flaws in Word, Excel

The Internet Patrol default featured image
Share the knowledge


A cryptographer at the Singapore-based Institute of Infocomm Research has determined that there are serious security flaws in Microsoft Word and Excel in terms of their encryption for password protection of documents.

Hongjun Wu, who has written a paper on the subject, says that “A lot of information could be retrieved from those encrypted files. If anyone has used the encryption in Microsoft Office…then it is time for him/her to assess the damage that has been caused.”

Wow, that’s pretty straight-forward.

Said a Microsoft spokesperson, speaking to CNet news, “Our early investigation indicates that this issue poses a very low threat for customers. In some cases, an attacker may be able to read the contents of an encrypted file, if multiple versions of that file are available to the attacker. The attacker would need to have access to two distinct files with the same name that are protected by the same password in order to attempt to exploit the vulnerability.”

Once the investigation is completed, said Microsoft, ” Microsoft will take the appropriate actions to protect customers, which may include providing a security update through our monthly release process.”

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

One thought on “Microsoft Office for Windows Has Security Flaws in Word, Excel

  1. Let me get this straight. If you save private information with a key, and use the same key on another document. Then another person could get your private information easily, and that just “poses a very low threat for customers.”

    Unless you have photograpich memory, chances are you have use the same password for more than one document. Chances also are that those documents are in the same computer. Thus the person that have access to one, will have access to the other. Its also reasonable to asume that if you took the trouble to password protect a file that that data is confidential. In other words, if a person have access to your files, he will also have access to your confidential information. And that is what Microsoft deems a “very low threat”. Maybe for them, but certainly not for the customer.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.