Reporter eEye Digital Security
` Article Title
Macintosh version of Word '98 includes sensitive material in document files.
Microsoft recently released a patch that solves a serious security problem in Word '98 for Macintosh.
It seems that Word '98 includes unrelated data taken from the hard-drive. This data can contain
passwords, or other confidential information that is on the hard-drive.
Since Word ignores the logical end of file and includes the entire contents of the final disk sector in the file,
other information can be placed in a document file. When this file is sent to other recipients, the hidden data
is sent with it.
This data is not viewable by Word, but any binary editor can view the file and reveal the information in it.
Although Microsoft claims only information from the hard drive is placed in the document (a bad thing by
itself!) several reports mention that information from the memory is included as well.
MacInTouch magazine has conducted a thorough research on this problem:
Microsoft has published a knowledge base article on this matter:
And also released a patch that solves this problem: