SecurityTracker.com
Category:   Application (Generic)  >   Microsoft Office
Vendors:   Microsoft
Microsoft Office XP Sends Potentially Sensitive Information to Microsoft Via the Network When an Error Occurs
SecurityTracker Alert ID:  1002559
SecurityTracker URL:  http://securitytracker.com/id/1002559
CVE Reference:   GENERIC-MAP-NOMATCH
Updated:  Oct 16 2001
Original Entry Date:  Oct 16 2001
Impact:   Disclosure of system information, Disclosure of user information

Version(s): Office XP (on any version of Windows)
Description:   The U.S. Department of Energy Computer Incident Advisory Center (CIAC) warned of an "Error Reporting" feature in Microsoft Office that causes potentially sensitive user information to be sent over the network to Microsoft when errors occur.

It is reported that, in the default configuration, the Error Reporting feature may send portions of the user's document contents to Microsoft along with debugging information. No further details were provided.

The CIAC advisory is available at:

http://www.ciac.org/ciac/bulletins/m-005.shtml

Impact:   Portions of the local user's document contents may be sent to Microsoft along with debugging information when an error occurs in the application.
Solution:   According to CIAC, Error Reporting can be disabled in Office XP (on any version of Windows) by using the Registry script available at:

http://www.ciac.org/ciac/bulletins/office/UnWatsonXP.reg

Double-clicking a .REG file runs Regedit, which applies the changes in the file. The script reportedly disables Error Reporting for the current user only, so each user on a system must run it. It is also reported that users created after the script is run automatically receive the changes and do not need to run the script themselves.

It is reported that users must have administrative privileges to run the script.

Vendor URL:  www.microsoft.com/technet/security/
Cause:   Exception handling error
Underlying OS:   Windows (Me), Windows (NT), Windows (95), Windows (98), Windows (2000), Windows (XP)

Message History:   None.


 Source Message Contents

Date:  Mon, 15 Oct 2001 14:11:52 -0700 (PDT)
Subject:  BULLETIN M-005 Office XP Error Reporting May Send Sensitive Documents to Microsoft


[For Public Release]
             __________________________________________________________

                       The U.S. Department of Energy
                     Computer Incident Advisory Center
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
             __________________________________________________________

                             INFORMATION BULLETIN

      Office XP Error Reporting May Send Sensitive Documents to Microsoft

October 15, 2001 20:00 GMT                                        Number M-005
______________________________________________________________________________
PROBLEM:       Microsoft Office XP and Internet Explorer version 5 and later 
               are configured to automatically send debugging information to 
               Microsoft in the event of a program crash. The debugging 
               information includes a memory dump which may contain all or 
               part of the document being viewed or edited. This debug message 
               potentially could contain sensitive, private information. 
PLATFORM:      Microsoft Office XP 
               Microsoft Internet Explorer 5.0 and later 
               Microsoft Windows XP
               Microsoft has indicated that this will be a feature of all new 
               Microsoft products. 
DAMAGE:        Sensitive or private information could inadvertently be sent to 
               Microsoft. Some simple testing of the feature found document 
               information in one message out of three. 
SOLUTION:      Apply the registry changes listed in this bulletin to disable 
               the automatic sending of debugging information. If you are 
               working with sensitive information and a program asks to send 
               debugging information to Microsoft, you should click No. 
______________________________________________________________________________
VULNERABILITY  The risk is MEDIUM/LOW. Sensitive documents could be sent to 
ASSESSMENT:    Microsoft. 
______________________________________________________________________________
LINKS: 
 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/m-005.shtml 
 PATCHES:            Office XP: 
                     http://www.ciac.org/ciac/bulletins/office/UnWatsonXP.reg 
                     IE: 
                     http://www.ciac.org/ciac/bulletins/office/UnWatsonIE6.reg 
______________________________________________________________________________
