Microsoft Office has a Protected View feature which is supposed to reduce the risks of opening documents/files from the internet that may be unsafe. However, why is printing disabled as well? Is it because if the printer is a network printer malware could potentially spread? I couldn't find any results other than the simple reiteration that printing is disabled in protected view.
Asked
Active
Viewed 5,599 times
2 Answers
8
I guess the Answer is burried in this Document by Microsoft.
https://blogs.technet.microsoft.com/office2010/2009/08/13/protected-view-in-office-2010/
The "protected view" is a winword-process running inside a sandbox (claim by microsoft(. Basically it is an instance of word that has really low privileges. For example it can't change your profile or user settings (which means, that a macro in a word file that is not in protected mode CAN do such stuff... for whatever reasons this might be considered useful in the first place!)
So this winword.exe process has really almost no access rights to anything else on your computer. Hence probably not even to your printers. This seems reasonable as even just exfiltrating your printer names and settings could be a problem.
So to print, the document has to be opened in a winword.exe instance that is NOT sandboxed. It's an "all or nothing approach", which is kinda unfortunate but better than no protection at all. And yes, that's the price that we have to pay for stupid decisions MS did with early versions of Microsoft office.
kruemi
- 265
2
Hard to say Why anyone does anything. :)
My guess would be because potentially/theoretically a document could be crafted to take advantage of a flaw in a printer driver to compromise the system's security.
For example, if the flaw was bad enough, one may be able to overflow the driver's active memory range and inject arbitrary code into the stack, which then could/would be run.
Ƭᴇcʜιᴇ007
- 113,841