none
Word 2010: Save as PDF causes XXE problems RRS feed

  • Question

  • My company has been experiencing problems with Word documents saved as PDFs.  The process appears to inject external XML Entities (XXE) into the document that make our firewall flag them as threats.  

    It appears to be only from documents saved as PDF using an Office application's Save As dialog.

    For the time being, I've told my users to stop making PDFs this way, and instead print through the PDF printer that came with Adobe Acrobat Pro.  None of those PDFs cause the problem.

    But it's often difficult to get users to do something if it's more complicated, and the complaint usually comes from a website editor who is blocked from uploading the PDF, far down the chain from the person who created the PDF.  Sometimes the creator is from a different organization.

    I'm not interested in discussing firewall configuration in a group dedicated to Office, but I would like to know what it is about Office's save as PDF that puts this unneccessary stuff in the resulting PDFs. 


    Friday, May 8, 2015 1:57 PM

Answers

  • It wasn't really appropriate to move this question to this forum, since we're not programming against the Open XML SDK, merely using Office's builtin functionality.

    That said, the firewall's threat detection was a false positive and was fixed by upgrading the firewall software.

    I still don't know what it was about PDFs made with Microsoft's Save as PDF, versus PDFs made in other ways, that made the firewall choke.

    Monday, May 11, 2015 2:08 PM

All replies

  • Hi MituD,

    According to your description, this issue is more related to Office open xml , the Office open xml forum is a better place for this issue, and we will move it there for you.

    George Zhao
    TechNet Community Support


    It's recommended to download and install Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office programs.

    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.
    Monday, May 11, 2015 7:14 AM
  • It wasn't really appropriate to move this question to this forum, since we're not programming against the Open XML SDK, merely using Office's builtin functionality.

    That said, the firewall's threat detection was a false positive and was fixed by upgrading the firewall software.

    I still don't know what it was about PDFs made with Microsoft's Save as PDF, versus PDFs made in other ways, that made the firewall choke.

    Monday, May 11, 2015 2:08 PM
  • all the documents ?

    Monday, May 11, 2015 4:29 PM
  • It's unclear what you're asking.

    However, a PDF which previously failed to upload now uploads successfully.  Before all this, PDFs saved from Office (and only those) failed to upload.

    Monday, May 11, 2015 5:22 PM
  • Hi Spencer I agree that the OpenXML SDK forum is certainly the wrong place for this question. Where did you post it, originally? Your discovery is very useful and I'd like to see it in a more "appropriate" venue, so I'd move it back...

    Cindy Meister, VSTO/Word MVP, my blog

    Wednesday, May 20, 2015 7:26 PM
    Moderator
  • Thank for your reply; if it still matters, it was the Office 2010 - IT Pro General Discussions Forum.
    Wednesday, February 22, 2017 4:37 PM