Security Risk in Microsoft Word normal.dotm

In Microsoft Word, by default, recently defined paragraph and character styles are automatically added to your normal.dotm file and then silently copied into new documents that you create. This can leak private information about what you have been doing or who you have been corresponding with.

Here’s an example of the privacy and security issue. Suppose a competitor found a .docx file on your website and inspected all the styles defined in it. Suppose they found an unused style named “USNavyGrantProposalTitle.” Now your competitor knows a secret about your company that you might not have wanted them to know.

I discovered this while experimenting with the Python “docx” library. I wrote a script that opens a .docx file and reports the names of all the styles defined inside the file, used or unused. I then created a new, blank Word document and saved it. When I ran my script on the empty document, I expected it would report a list of well-known, predefined Microsoft styles. To my surprise, the file also contained definitions for more than a hundred custom styles that had been defined in various other documents I had edited for clients.
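The style inventory described above, as an added example that is not the author's script: instead of the python-docx package it uses only the standard library, since a .docx is a zip archive whose style definitions live in word/styles.xml and whose body (which applies them) lives in word/document.xml. It builds a small constructed document in memory so it runs offline; the style names and ids in that sample are invented. Beyond listing names, it flags custom styles that nothing in the body applies, which is exactly the signature of a definition that was copied in from normal.dotm rather than created for this document.

```python
"""List every style defined in a .docx and flag custom ones the body never uses.

Added example, stdlib only: a .docx is a zip archive; style definitions live in
word/styles.xml and the body that applies them in word/document.xml.
"""
import io
import sys
import zipfile
import xml.etree.ElementTree as ET

W = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
NS = {"w": W}
ON = ("1", "true", "on")  # ST_OnOff spellings Word may write for boolean attributes

# Constructed sample parts (invented style names). A real file carries more
# parts ([Content_Types].xml, rels, headers ...), but these two are all the
# inspection below needs.
SAMPLE_STYLES_XML = f"""<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:styles xmlns:w="{W}">
  <w:style w:type="paragraph" w:default="1" w:styleId="Normal"><w:name w:val="Normal"/></w:style>
  <w:style w:type="paragraph" w:styleId="Heading1"><w:name w:val="heading 1"/><w:basedOn w:val="Normal"/></w:style>
  <w:style w:type="paragraph" w:customStyle="1" w:styleId="MemoBody"><w:name w:val="MemoBody"/><w:basedOn w:val="Heading1"/></w:style>
  <w:style w:type="paragraph" w:customStyle="1" w:styleId="ClientXProposalTitle"><w:name w:val="ClientXProposalTitle"/></w:style>
  <w:style w:type="character" w:customStyle="1" w:styleId="InternalCodename"><w:name w:val="InternalCodename"/></w:style>
</w:styles>"""

SAMPLE_DOCUMENT_XML = f"""<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<w:document xmlns:w="{W}"><w:body>
  <w:p><w:pPr><w:pStyle w:val="MemoBody"/></w:pPr><w:r><w:t>Quarterly memo</w:t></w:r></w:p>
</w:body></w:document>"""


def build_sample_docx() -> bytes:
    """Zip the two constructed parts into an in-memory .docx."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("word/styles.xml", SAMPLE_STYLES_XML)
        z.writestr("word/document.xml", SAMPLE_DOCUMENT_XML)
    return buf.getvalue()


def _part(docx_bytes: bytes, name: str) -> ET.Element:
    """Parse one XML part out of the package."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        return ET.fromstring(z.read(name))


def _attr(el, local):
    """Read a w:-namespaced attribute."""
    return el.get(f"{{{W}}}{local}")


def defined_styles(docx_bytes: bytes) -> list:
    """Every style in word/styles.xml, used or not, as dicts."""
    out = []
    for st in _part(docx_bytes, "word/styles.xml").findall("w:style", NS):
        name = st.find("w:name", NS)
        based = st.find("w:basedOn", NS)
        out.append({
            "id": _attr(st, "styleId"),
            "name": _attr(name, "val") if name is not None else _attr(st, "styleId"),
            "type": _attr(st, "type"),
            "custom": _attr(st, "customStyle") in ON,   # user-defined, not built in
            "default": _attr(st, "default") in ON,       # applied when nothing is set
            "based_on": _attr(based, "val") if based is not None else None,
        })
    return out


def referenced_style_ids(docx_bytes: bytes) -> set:
    """Style ids applied to paragraphs (w:pStyle) or runs (w:rStyle) in the body.
    Headers, footers and footnotes are separate parts and are not scanned here."""
    root = _part(docx_bytes, "word/document.xml")
    return {_attr(el, "val") for tag in ("pStyle", "rStyle") for el in root.iter(f"{{{W}}}{tag}")}


def unused_custom_styles(docx_bytes: bytes) -> list:
    """Names of custom styles that nothing in the body applies, directly or via basedOn."""
    styles = defined_styles(docx_bytes)
    by_id = {s["id"]: s for s in styles}
    used = referenced_style_ids(docx_bytes) | {s["id"] for s in styles if s["default"]}
    stack = list(used)
    while stack:                         # a used style also pulls in its basedOn chain
        base = by_id.get(stack.pop(), {}).get("based_on")
        if base and base not in used:
            used.add(base)
            stack.append(base)
    return sorted(s["name"] for s in styles if s["custom"] and s["id"] not in used)


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_docx()
    for s in defined_styles(data):
        print(f"{'custom ' if s['custom'] else 'builtin'} {s['type']:<9} {s['name']}")
    print("custom styles never applied in the body:", unused_custom_styles(data))
```

Run it with a path argument to inspect a real file; with no argument it inspects the constructed sample and reports ClientXProposalTitle and InternalCodename as custom styles that the body never applies. A .dotm template is the same package format, so pointing the script at your own normal.dotm shows what it has accumulated before anything gets copied onward.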

You could potentially violate an NDA if the names of your styles reveal secrets you promised not to reveal.

Reportedly, this behavior of Word is optional and can be disabled by a confusing option in the Advanced->Save section of the settings. The option is called “Prompt before saving Normal template.” The default in my copy of Word is that it is disabled, which means that your custom styles will be silently saved in normal.dotm and then copied into new documents. I cannot verify that enabling this option will prevent Microsoft from screwing you over.
