Why do attachments from email much safer to open in protected view? What does editing a document do to make it dangerous?

721 views
0

Why do attachments from email much safer to open in protected view? What does editing a document do to make it dangerous?

In: Technology

depends on the document but word, excel, ppt, etc can run script/macros that mess with your computer. protected mode disables all of that so it can’t mess with your computer.

Jaks has the right answer. If you open a document for editing, you’re implicitly giving it permission to run whatever is within the document, and you have no way to know what that is when you first open it.

The document will run with the permissions of the logged-in user, meaning any macro attached to it will be able to do anything you can do. It’s incredibly dangerous.

Take a look at this (thorough but technical) [writeup](https://blogs.perficient.com/2018/05/22/how-microsoft-word-protected-view-stops-information-leaks/). The tl;dr is that allowing you to edit the document requires Word to render all content, including content that Word needs to download from elsewhere over the Internet. If the document instructs Word to download content from a site controlled by someone malicious, you open yourself up to a variety of attacks.

modern documents are not just a bunch of text and images. They contain tiny little programs that manage all sorts of things (like how the page should look on screen vs when it is printed, or decide what they do when you are missing a font, up to enforcing corporate policies).

However, those programs can potentially do much more, like deleting your files. You don’t want your files deleted because someone random from the interweb send you “funny cat pictures”.