Cookies and Word documents

A recently-issued report suggests that opening a Word document can result in a cookie being saved on a user's computer. Although Microsoft welcomes any discussion that helps raise customer awareness about privacy, we believe the claims made in the report are overstated and do not provide customers with information on how they can easily prevent cookies from being saved on their computer.

There are several key points to keep in mind:

• Any web-enabled application can, by definition, contact a web site. There are thousands of such applications, written by many different vendors and running on many different operating systems, and it's not clear why the author has chosen to portray this as being specific to Word.

• Regardless of how a web site has been contacted - whether by a web-enabled application or by surfing directly to it - a web site can only put a cookie on your machine if you allow it.

• Internet Explorer provides features that let you select exactly which web sites you'll accept cookies from, and under what conditions. Once you've set them, they govern how cookies are handled in all cases.

In addition, the report suggests that opening such a document could reveal a user's IP address - that is, their network address -- to the web site. However, an IP address is always revealed as part of a web session, and only identifies the machine -- not the user. If a firewall is in place, the IP address would be that of the firewall; if not, the IP address would be that of the machine the user was using, at the time he opened the document.

Because there has been a great deal of discussion and misunderstanding about cookies and their use, we thought it would be helpful to provide some additional information about this topic in the form of a Frequently-Asked Questions page.