WINWORD.EXE trying to access the keyboard?


When I open up a Microsoft Word document, I get a warning that Word is trying to access the keyboard. Is it normal behavior for Word to make some sort of hook to the keyboard?

Part of me would think it probably is, for example, to detect three quick 's in a row. However, I guess it is impossible to tell whether or not my WINWORD.EXE has been compromised anyways.

Hopefully someone has some insight. Thanks.

Word would access the internet if resources of a document were online, or it were checking for updates or themes etc.

If I just start word, no prompts are shown. I wouldn’t allow it anyway.

no, I think this is normal behaviour… Winword is a proces of the microsoft word program and that program needs access to your keyboard so that you can write and see stuff on your screen…

oops! Why did I say internet? My mistake. (:HUG)
Yes, it would be normal, just as you may get a prompt regarding accessing the screen directly, or creating a file/folder.


It’s safe to allow, tho writing, copy-and-paste, and all other function will most likely work even if you choose to deny keyboard access.
There’s a lot of other safe applications that wants (or needs) keyboard access, like browsers.


I read in an article (don’t remember where, sorry) that Word can even be considered as a keylogger - although not a harmful one, of course.

It’s perfectly alright to allow well known programs to access the keyboard, monitor etc. They need it to work properly. The only issue in allowing applications too much, is that holes will compromise security. There’s nothing we can do about that other than stop using the program and/or wait for a patch from the vendor.


Thanks for all of the replies!

Because it’s set to monitor keyboard you might get one or two alerts from applications I deny & they still work Comodo firewall is getting a bit over kill with alerts 14 alerts for internet explorer CCleaner 16 alerts & so on this wants to access that that wants to access this makes my head spin.
Why doesn’t Comodo recognise explore.exe being part of explorer? & so on.

i set winword as windows system application with defense+,
so i answered 1 alert and it’s done.
if the app is safe u can set it as trusted or windows application so u don’t have to reply lot of defense+ alerts.
defense+ is more interresting to control an unknow app so u can check all the activities it wants to run on your system and choose to block it or not.

I prefer control, but Defense+ is
You have to set a lower security level, or use installer mode to reduce the alerts, which is less than satisfactory and which doesn’t allways work. Defense+ doesn’t recognise the child processes spawned during an install, so even installer mode keeps bugging you with alerts about the temporary installation file and such.

If the app you install is unknown to you and you want to tread carefully then you are facing a massive amount of clicking.
It’s one of CFP’s biggest drawbacks.

Is it worth putting things like CCleaner in my trusted software vendors or just make it windows application.
I have it set for low alerts but updating CCleaner today I got 5 alerts.
Yesterday I must of got 100 alerts through out the day to allow this allow that