SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (Web Browser)  >   Microsoft Internet Explorer (IE) Vendors:   Microsoft
Internet Explorer Sends Potentially Sensitive Web Browser Contents to Microsoft via the Network When an Error Occurs
SecurityTracker Alert ID:  1002560
SecurityTracker URL:  http://securitytracker.com/id/1002560
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Oct 16 2001
Impact:   Disclosure of system information, Disclosure of user information

Version(s): IE 5 and higher
Description:   The U.S. Department of Energy Computer Incident Advisory Center (CIAC) warned of an "Error Reporting" feature in Microsoft Internet Explorer that causes potentially sensitive user information to be sent over the network to Microsoft when errors occur.

It is reported that, in the default configuration, the Error Reporting feature may send portions of the user's web browser contents to Microsoft along with debugging information. No further details were provided.

The CIAC advisory is available at:

http://www.ciac.org/ciac/bulletins/m-005.shtml

Impact:   Portions of the local user's web browser contents may be sent to Microsoft along with debugging information when an error occurs in the application.
Solution:   CIAC reports that disabling Error Reporting in Internet Explorer varies depending on which version of IE is being used. Special instructions for IE 6 on Windows XP are provided at the bottom of this section.

For IE, CIAC recommends first trying to remov Internet Explorer Error Reporting using the Control Panel:

1.Click Start, point to Settings, and then click Control Panel.
2.Double-click Add/Remove Programs.
3.In the list of installed programs, click Internet Explorer Error Reporting, and then click Add/Remove (Windows 98, Me,
NT 4) or Remove (Windows 2000).
4.Click OK.

If Internet Explorer Error Reporting is not present in Add/Remove Programs, use the Registry script available at http://www.ciac.org/ciac/bulletins/office/UnWatsonIE6.reg to disable it.

CIAC notes that only administators have access to the Registry.

For Internet Explorer 6 on Windows XP, the following steps can be used to disable Error Reporting:

1.Click Start, and then click Control Panel (or point to Settings, and then click Control Panel).
2.Double-click System (or click "Switch to Classic View", and then double-click System).
3.Click the Advanced tab, and then click Error Reporting.
4.Click "Disable error reporting" to disable both user and kernel-mode error reporting, or click to clear the Programs check
box.
5.Click OK, then click OK again.

Administrators can disable error reporting in Windows XP Professional by setting Report Errors to Disabled in Group Policy Editor (Gpedit.msc) in the Computer Configuration\Administrative Templates\System\Error Reporting folder.

Vendor URL:  www.microsoft.com/technet/security (Links to External Site)
Cause:   Exception handling error
Underlying OS:   Windows (Me), Windows (NT), Windows (95), Windows (98), Windows (2000), Windows (XP)

Message History:   None.


 Source Message Contents

Date:  Mon, 15 Oct 2001 14:11:52 -0700 (PDT)
Subject:  BULLETIN M-005 Office XP Error Reporting May Send Sensitive Documents to Microsoft


[For Public Release]
-----BEGIN PGP SIGNED MESSAGE-----


             __________________________________________________________

                       The U.S. Department of Energy
                     Computer Incident Advisory Center
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
             __________________________________________________________

                             INFORMATION BULLETIN

      Office XP Error Reporting May Send Sensitive Documents to Microsoft

October 15, 2001 20:00 GMT                                        Number M-005
______________________________________________________________________________
PROBLEM:       Microsoft Office XP and Internet Explorer version 5 and later 
               are configured to automatically send debugging information to 
               Microsoft in the event of a program crash. The debugging 
               information includes a memory dump which may contain all or 
               part of the document being viewed or edited. This debug message 
               potentially could contain sensitive, private information. 
PLATFORM:      Microsoft Office XP 
               Microsoft Internet Explorer 5.0 and later 
               Microsoft Windows XP
               Microsoft has indicated that this will be a feature of all new 
               Microsoft products. 
DAMAGE:        Sensitive or private information could inadvertently be sent to 
               Microsoft. Some simple testing of the feature found document 
               information in one message out of three. 
SOLUTION:      Apply the registry changes listed in this bulletin to disable 
               the automatic sending of debugging information. If you are 
               working with sensitive information and a program asks to send 
               debugging information to Microsoft, you should click No. 
______________________________________________________________________________
VULNERABILITY  The risk is MEDIUM/LOW. Sensitive documents could be sent to 
ASSESSMENT:    Microsoft. 
______________________________________________________________________________
LINKS: 
 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/m-005.shtml 
 PATCHES:            Office XP: 
                     http://www.ciac.org/ciac/bulletins/office/UnWatsonXP.reg 
                     IE: 
                     http://www.ciac.org/ciac/bulletins/office/UnWatsonIE6.reg 
______________________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: 4.0 Business Edition

iQCVAwUBO8tQX7nzJzdsy3QZAQFZmwQAsuSWtcq5Awto+CfFt3tlOfn7LaOwGgLW
4kdmc88VtNlOiBOkKWN9iNiYRwHRDcgewbj192VJQ0HLj3gYwG9+WvXKG6l+p+yv
F8kI4vj6A+7W4O8RINdsde/93Zvjc/HV7xEjTUf4mGrTszroedWSKqfJpG7NM/Gx
c5hKuVfjr5g=
=hGr1
-----END PGP SIGNATURE-----

-+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+
This message was posted through the FIRST mailing list server.  If you
wish to unsubscribe from this mailing list, send the message body of
"unsubscribe first-info" to first-majordomo@FIRST.ORG
-+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC