The Computer Incident Advisory Capability (CIAC), a US
Government department, has issued a warning that users of Microsoft
Windows XP, Office XP and Internet Explorer (versions 5.0 and
above) risk unknowingly sending Microsoft copies of their
confidential information.24 Oct 2001
CIAC, which forms part of the US Department of Energy, warns that the products are configured to send debugging information to Microsoft in the event of a program crash. According to CIAC:
“The debugging information includes a memory dump which may contain all or part of the document being viewed or edited. This debug message potentially could contain sensitive, private information.”
A bulletin from CIAC details registry changes which will disable the automatic sending of debugging information. When prompted by a program with a request to send debug information back to Microsoft, the user then simply clicks “Don’t Send.”