Microsoft bug reports may get personal data

Companies using Microsoft Office XP and Internet Explorer 5 have been warned that documents containing personal information could be sent to Microsoft along with debugging information in the event of a program crash.

The feature that reports errors sends crash and debugging information back to Microsoft to help the company detect and fix bugs in its software. But the US Department of Energy's Computer Incident Advisory Capability office (CIAC) has released a security bulletin reporting that the debugging information includes an image of the current contents of the PC's memory, which may include all or part of the document being viewed or edited.

"If a sensitive document is resident in the memory dump, this could be sent to Microsoft," said Graham Cluley, senior technology consultant at antivirus company Sophos. "This is not a serious problem but an interesting foible."

The CIAC bulletin states that the error reporting function is configured to "automatically" send debugging information to Microsoft and says the relevant dialog box does not make it obvious that the contents of the document being edited may be sent along with information about the program crash.

But Microsoft says the reporting function asks for permission before any information is forwarded, and also offers the option of turning the feature off on all company desktops.

"We make it clear to customers that when a problem occurs, their Digital Product ID and Internet Protocol (IP) address will be sent to us," said Neil Laver, Windows marketing manager. "The report could also contain customer-specific information, which could be used to identify a person's identity, but will not be used."

Laver said Microsoft also limits the number of people who have access to the bug reports.

The error reports are sent via a standard security protocol, which is sufficient for protecting confidentiality, according to Microsoft. "This encrypts data sent over the Internet, but not the document," Laver said.

Cluley thinks it's unlikely that many companies will be sending bug reports over the Internet but warned that "whenever any kind of communication takes place on the Internet, there is always the opportunity for people to intercept it."


Talkback 2 comments

    When security matters don't us ...Anonymous -- 19/10/01

    When security matters don't use closed source software as it does not allow you to determine how much spying the developer does on your sensitive data.

    This cannot happen with open source software because someone will soon find the hole.

    You can bet your life no one a ...Jeff -- 21/10/01

    You can bet your life no one at Micro$oft told anyone publicly it was happening, until there was proof it was happening.

    Trust Micro$oft with anything?

    No Way.
