4.1 Encryption and Obfuscation (Password to Open)

When XOR obfuscation (section 2.2.6.1) is used, data can be easily extracted and the document password might be retrievable.

When obfuscation or encryption is used, the ObjectPool storage, Macros storage, Custom XML Data storage, XML Signatures storage, and Signatures stream are not obfuscated or encrypted.

When XOR obfuscation (section 2.2.6.1) or Office binary document RC4 encryption (section 2.2.6.2) is used, or when Office binary document RC4 CryptoAPI encryption (section 2.2.6.3) is used with fDocProps set to false in EncryptionHeader.Flags, the Document Summary Information stream and the Summary Information stream are not obfuscated or encrypted.

When Office binary document RC4 encryption (section 2.2.6.2) or Office binary document RC4 CryptoAPI encryption (section 2.2.6.3) is used, the same block numbers are reused in the WordDocument stream, the Table stream, and the entire Data stream. This reuse can potentially occur with known cleartext, implying that certain portions of encrypted data can be directly extracted or easily retrieved.
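The block-number reuse described above, as an added example that is not part of the specification: when two streams are encrypted under the same per-block key, the RC4 keystream cancels out and known cleartext in one stream exposes the other. The `block_key` derivation, the 512-byte block size, and all sample bytes are simplified assumptions constructed for illustration, not the exact [MS-OFFCRYPTO] procedure.

```python
import hashlib

BLOCK_SIZE = 512  # assumed re-keying interval in bytes

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR the data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def block_key(base_key: bytes, block: int) -> bytes:
    # Simplified stand-in (assumption): the key depends only on the base key
    # and the block number, never on which stream is being encrypted.
    return hashlib.md5(base_key + block.to_bytes(4, "little")).digest()

def encrypt_stream(base_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt one stream block by block, numbering its blocks from 0."""
    out = bytearray()
    for off in range(0, len(plaintext), BLOCK_SIZE):
        key = block_key(base_key, off // BLOCK_SIZE)
        out += rc4(key, plaintext[off:off + BLOCK_SIZE])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def demo():
    # All values below are constructed sample data.
    base_key = b"constructed-base-key"
    known = b"constructed, predictable header bytes in stream A"
    secret = b"constructed confidential body bytes from stream B"
    c_a = encrypt_stream(base_key, known)   # stands in for one stream
    c_b = encrypt_stream(base_key, secret)  # stands in for another stream
    # Both streams start at block 0, so they share a keystream: c_a ^ c_b == known ^ secret.
    leaked = xor(xor(c_a, c_b), known)
    return leaked, secret
```

Deriving the per-block key from a value unique to each stream, or using a fresh key per stream, would make the two keystreams differ and the XOR of the ciphertexts would no longer reduce to the XOR of the cleartexts.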

See [MS-OFFCRYPTO] section 4.1.3 for additional security considerations with encryption and obfuscation in Word binary files.