
CIAC INFORMATION BULLETIN

M-005c: Office XP Error Reporting May Send Sensitive Documents to Microsoft

October 15, 2001 19:00 GMT
Revised: October 16, 2001, 1900 GMT
Revised: October 17, 2001, 1900 GMT
Revised: October 18, 2001, 1900 GMT

PROBLEM: Microsoft Office XP and Internet Explorer version 5 and later are configured to request to send debugging information to Microsoft in the event of a program crash. The debugging information includes a memory dump which may contain all or part of the document being viewed or edited. This debug message potentially could contain sensitive, private information.
PLATFORM:
  • Microsoft Office XP
  • Microsoft Internet Explorer 5.0 and later
  • Windows XP
  • Microsoft has indicated that this will be a feature of all new Microsoft products
DAMAGE: Sensitive or private information could inadvertently be sent to Microsoft. Some simple testing of the feature found document information in one message out of three.
SOLUTION: Apply the registry changes listed in this bulletin to disable the automatic sending of debugging information. If you are working with sensitive information and a program asks to send debugging information to Microsoft, you should click Don't Send.

VULNERABILITY ASSESSMENT: The risk is MEDIUM. Sensitive documents could be sent to Microsoft.

LINKS:
  CIAC BULLETIN: http://www.ciac.org/ciac/bulletins/m-005.shtml
  PATCHES:
    Office XP: http://www.ciac.org/ciac/bulletins/office/UnWatsonXP.reg
    IE: http://www.ciac.org/ciac/bulletins/office/UnWatsonIE6.reg

[Revision 10/16/01 Emphasize debug dialog box]
[Revision 10/17/01 Removed erroneous key, IEWatsonDisabled, from reg file]
[Revision 10/18/01 Added links to Microsoft pages]

Microsoft's Error Reporting Can Send Your Data Across the Internet

Office XP, Internet Explorer (version 5 and higher), and Windows XP use a feature called Error Reporting to send crash and debug information back to Microsoft to help them detect and fix bugs in their software. Unfortunately, Error Reporting can send portions of the document or web site you are viewing along with this debugging information. The Error Reporting feature and the data it collects are described in the following pages on the Microsoft website.

http://www.microsoft.com/office/ork/xp/two/admA05.htm

http://watson.microsoft.com/dw/1033/dcp.asp

Error Reporting in Internet Explorer is discussed on the following page. Note that the name of the registry key to change is wrong in that article. The key is IEWatsonEnabled and should be set to 0 to disable Error Reporting.

http://support.microsoft.com/support/kb/articles/Q276/5/50.ASP

When Error Reporting activates after a crash, it displays the dialog box shown below that asks to send debugging information to Microsoft. The information sent to Microsoft includes a copy of the block of memory where the program was running when it crashed. It is not evident from the dialog box that the contents of the document being edited may be in that memory block. If the document you are viewing or editing could in any way be considered sensitive, you should answer Don't Send to this request.

This bulletin contains instructions for disabling Error Reporting in both Internet Explorer and Office XP on all versions of Windows. (At this time, Error Reporting is not available, and does not need to be disabled, on Macintosh computers.)

Office XP

To disable Error Reporting in Office XP (on any version of Windows), use the Registry script below. Double-clicking a .REG file runs Regedit and makes the changes in the file. The script disables Error Reporting for the current user only, and so must be run by each user of a system. (New users created after the script is run will have the changes made for them, and do not need to re-run the script.)

Registry Script UnWatsonXP.reg

REGEDIT4

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\10.0\Common]
"DWNeverUpload"=dword:00000001
"DWNoExternalURL"=dword:00000001
"DWNoFileCollection"=dword:00000001
"DWNoSecondLevelCollection"=dword:00000001

[HKEY_USERS\.Default\Software\Policies\Microsoft\Office\10.0\Common]
"DWNeverUpload"=dword:00000001
"DWNoExternalURL"=dword:00000001
"DWNoFileCollection"=dword:00000001
"DWNoSecondLevelCollection"=dword:00000001

Only administrators have access to the Registry. If you receive an error when trying to run this script, contact your administrator or local support group.

Internet Explorer 5.x

Disabling Error Reporting in Internet Explorer varies depending on which version of IE you are using. For Internet Explorer 5.x, remove Internet Explorer Error Reporting using the Add/Remove Programs Control Panel:

  1. Click Start, point to Settings, and then click Control Panel.
  2. Double-click Add/Remove Programs.
  3. In the list of installed programs, click Internet Explorer Error Reporting, and then click Add/Remove (Windows 98, Me, NT 4) or Remove (Windows 2000).
  4. Click OK.

Internet Explorer 6 on Windows 2000 and Earlier

For Internet Explorer 6 on Windows 2000 and earlier, use the Registry script below to disable Error Reporting.

Registry Script UnWatsonIE6.reg

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"IEWatsonEnabled"=dword:00000000

Only administrators have access to the Registry. If you receive an error when trying to run this script, contact your administrator or local support group.

Internet Explorer 6 on Windows XP

To disable Error Reporting in Internet Explorer 6 running on Windows XP:

  1. Click Start, and then click Control Panel (or point to Settings, and then click Control Panel).
  2. Double-click System (or click "Switch to Classic View", and then double-click System).
  3. Click the Advanced tab, and then click Error Reporting.
  4. Click "Disable error reporting" to disable both user and kernel-mode error reporting, or click to clear the Programs check box.
  5. Click OK, then click OK again.

Administrators can disable error reporting in Windows XP Professional by setting Report Errors to Disabled in Group Policy Editor (Gpedit.msc) in the Computer Configuration\Administrative Templates\System\Error Reporting folder.


CIAC wishes to acknowledge the contributions of the Systems and Network Department help desk at the Lawrence Livermore National Laboratory for the information contained in this bulletin.
CIAC services are available to DOE, DOE Contractors, and the NIH. CIAC can be contacted at:

    Voice:           +1 925-422-8193 (7 x 24)
    FAX:             +1 925-423-8002
    STU-III:         +1 925-423-2604
    E-mail:          ciac@llnl.gov
    World Wide Web:  http://www.ciac.org/
                     http://ciac.llnl.gov
                     (same machine -- either one will work)
    Anonymous FTP:   ftp.ciac.org
                     ciac.llnl.gov
                     (same machine -- either one will work)


This document was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor the University of California nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the United States Government or the University of California. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or the University of California, and shall not be used for advertising or product endorsement purposes.
UCRL-MI-119788