9
Microsoft Office has a Protected View feature which is supposed to reduce the risks of opening documents/files from the internet that may be unsafe. However, why is printing disabled as well? Is it because if the printer is a network printer malware could potentially spread? I couldn't find any results other than the simple reiteration that printing is disabled in protected view.
TheRyan722
Posted 2014-03-14T02:49:31.017
Reputation: 265
2
Hard to say Why anyone does anything. :)
My guess would be because potentially/theoretically a document could be crafted to take advantage of a flaw in a printer driver to compromise the system's security.
For example, if the flaw was bad enough, one may be able to overflow the driver's active memory range and inject arbitrary code into the stack, which then could/would be run.
Ƭᴇcʜιᴇ007
Posted 2014-03-14T02:49:31.017
Reputation: 103 763
But than the question remains, why I have to leave protected mode to print the document? Wh opening many attack vectors when for the things I want to do would be enough? – kruemi – 2018-11-02T12:09:14.857
4
I guess the Answer is burried in this Document by Microsoft.
https://blogs.technet.microsoft.com/office2010/2009/08/13/protected-view-in-office-2010/
The "protected view" is a winword-process running inside a sandbox (claim by microsoft(. Basically it is an instance of word that has really low privileges. For example it can't change your profile or user settings (which means, that a macro in a word file that is not in protected mode CAN do such stuff... for whatever reasons this might be considered useful in the first place!)
So this winword.exe process has really almost no access rights to anything else on your computer. Hence probably not even to your printers. This seems reasonable as even just exfiltrating your printer names and settings could be a problem.
So to print, the document has to be opened in a winword.exe instance that is NOT sandboxed. It's an "all or nothing approach", which is kinda unfortunate but better than no protection at all. And yes, that's the price that we have to pay for stupid decisions MS did with early versions of Microsoft office.
kruemi
Posted 2014-03-14T02:49:31.017
Reputation: 151
1I also hoped to find an answer to this question. It would be useful to print or convert such a scary office doc of unknown origin to PDF.I think it is because Microsoft doesn't know how to protect us from its own document formats. And it has always bothered me that they say trust it if it came from someone you trust. What if someone I used to trust now has a virus which is sending me virus laden documents? Seriously, why can't we go into edit mode get rid of anything "active" and print or export to PDF? – Core – 2017-02-01T01:39:49.403