Office XP Error Reporting May Send Sensitive Documents to Microsoft http://www.ciac.org/ciac/bulletins/m-005.shtml
October 15, 2001 19:00 GMT Revised: October 16, 2001, 1900 GMT Revised: October 17, 2001, 1900 GMT Revised: October 18, 2001, 1900 GMT PROBLEM: Microsoft Office XP and Internet Explorer version 5 and later are configured to request to send debugging information to Microsoft in the event of a program crash. The debugging information includes a memory dump which may contain all or part of the document being viewed or edited. This debug message potentially could contain sensitive, private information. PLATFORM: Microsoft Office XP Microsoft Internet Explorer 5.0 and later Windows XP Microsoft has indicated that this will be a feature of all new Microsoft products DAMAGE: Sensitive or private information could inadvertently be sent to Microsoft. Some simple testing of the feature found document information in one message out of three. SOLUTION: Apply the registry changes listed in this bulletin to disable the automatic sending of debugging information. If you are working with sensitive information and a program asks to send debugging information to Microsoft, you should click Don't Send. VULNERABILITY ASSESSMENT: The risk is MEDIUM. Sensitive documents could be sent to Microsoft. THE END ==^================================================================ This email was sent to: [email protected] EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrHhl.bVKZIr Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================
