Microsoft Security Bulletin MS98-005 - Critical
Unwanted Data Issue with Office 98 for the Macintosh
Published: July 17, 1998
Last Revision: July 17, 1998
Recently Microsoft was notified of an issue affecting the way files are stored to local hard disk drives in Microsoft® Office 98 for Macintosh. When Office 98 for Macintosh creates a file on the local hard disk drive for storage, it is possible that a small amount of random data from a previously deleted file could become embedded in the Office 98 file.
Although the likelihood of revealing sensitive information is minimal, if this file were then sent to another user, it could possibly expose data from a previously deleted file on the sender's system.
The purpose of this bulletin is to inform Microsoft customers of this issue, its applicability to Microsoft products, and the availability of countermeasures that Microsoft has developed to further secure its customers.
The problem is caused by the way Office 98 allocates space on a disk for local file storage. The Mac OS, like many other Operating System (OS) file systems does not erase files when you delete them, it simply removes a reference to them in the disk's catalog, and marks the space they occupied as free. Office 98 does not clear the disk space when the Mac OS allocates it during a File Save operation. Instead, Office 98 simply writes the file contents to the allocated disk space, overwriting any random data that physically existed on the disk. Since the Mac OS allocates the disk space in set chucks, called clusters, the small amount of unused space at the end of the file's last cluster may contain random data from previously deleted files. The data cannot be viewed when opened as a native Office file. However, an ASCII text editor can be used to view the extraneous data.
The chance that sensitive data will be transferred through this bug is unlikely, since multiple unusual scenarios must occur.
Affected Software Versions
- Microsoft Office 98 for the Macintosh
What Microsoft is Doing
Microsoft has produced an update for Office 98 for the Macintosh that completely eliminates this problem. This update is available from Microsoft's Web site, as well as from Microsoft Technical Support. It will be included in future updates of Office 98 for the Macintosh.
What Customers Should Do
Microsoft recommends that customers using Office 98 for the Macintosh install the available Office 98 update, which can be downloaded from the Office 98 for the Macintosh Web site at http://www.microsoft.com/macoffice.
Previous versions of Office for the Macintosh are not affected.
Customers who cannot apply the hot fix can use the following workarounds to temporarily address this issue:
- This problem can be eliminated by using a third-party disk utility for the Mac OS that will completely erase files when they are deleted.
- Users can save files to freshly formatted floppy disks to ensure that no unwanted data is included with the file.
- This issue only affects files that are saved to a local Macintosh volume. By performing a "Save As..." operation from Office 98 and saving the file to network volume, to a Windows NT Server running Services for Macintosh, for example, any random data at the end of the file will be removed.
Please see the following references for more information related to this issue.
Microsoft Security Bulletin 98-005, Unwanted Data Issue with Office 98 for the Macintosh (the Web-posted version of this bulletin), http://www.microsoft.com/technet/security/bulletin/ms98-005.mspx
Microsoft MacOffice Web site, http://www.microsoft.com/macoffice
- July 17, 1998: Bulletin Created
For additional security-related information about Microsoft products, please visit http://www.microsoft.com/technet/security
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
Built at 2014-04-18T13:49:36Z-07:00