DEPARTMENT OF ENERGY
INFORMATION SECURITY RESOURCE CENTER
PACIFIC NORTHWEST NATIONAL LABORATORY
ADVISORY NOTICE No. 22
August 11, 1997
WORD AND POWERPOINT "FAST SAVE" FEATURE
Microsoft Office 97 Word and PowerPoint for Windows, Microsoft Office 95 Word for Windows, Word 6.0 for Power Macintosh, and Word 5.0 for Macintosh software SAVE ALL DELETED TEXT using a feature called Fast Save. The Fast Save feature works by appending any changed text to the end of document file, leaving the original text intact. These deletions or changes are hidden and cannot be viewed in Word or PowerPoint, but when opening the document from a text editor, or even WordPerfect as plain text, the supposed deletions or changes can be read. This Fast Save feature is enabled during the initial default installation of the application.
While the Information Security Resource Center Advisory Notice No. 20 identified a similar problem with the Windows version of WordPerfect, the Word problem is so pervasive that it is found on both Microsoft (Windows) and Macintosh versions of the software. These hidden deletions and changes are even maintained when the file is emailed across different operating systems.
The impact of this is accentuated by the fact that several Department of Energy (DOE) Sites are accepting the Microsoft Office Suite, which includes Word and PowerPoint, as their standard for doing business within the community.
The Fast Save feature which retains the editing history of a document, including supposedly deleted text, could pose a problem for DOE and DOE contractors. Classified or sensitive information, presumed to be deleted from the final document, may be recovered by the recipient. Since there is such a wide variety of software applications that people are increasingly being required to know and use, knowledge of software details is losing the battle to simple functionality. These tools of the modern office are becoming a bigger concern to security personnel as weaknesses are found, typically after a broad acceptance of these software applications.
When documents are saved in Microsoft Word and PowerPoint, the software application uses a feature called "Fast Save" which appends changes to the document, instead of overwriting the entire document. If no changes have been made to the Fast Save option, the Microsoft Office 95 and 97 default is to allow Fast Save. There is no size restriction on the modification, it can be as minor as deleting an extra return or as large as deleting entire pages.
In addition to appending deletions and editing changes to the document, user information of anyone making changes or modifying the document are also is added to the document as hidden text. This information can range from the name of the user, the name of the users computer, the name of the file, and the location of the saved file on the users hard drive. The default is the name and initials of the user entered during the setup dialog when installing the Microsoft Office software.
The appended changes and the user information cannot be read in the file when retrieved in Microsoft Word or PowerPoint, but can be read when the file is opened in any ASCII plain text editor, i.e., Notepad, or in WordPerfect. Additionally, when a Microsoft Word and PowerPoint document is sent through electronic mail, all of the associated deletions, changes, and user information remain intact.
If a classified document is produced and the originator wants to create an unclassified version of the document by deleting the classified portions, this new unclassified version will retain the deleted portions in the file unless the Fast Save feature has been specifically disabled by the user. Similarly, sensitive unclassified information also could be compromised.
It is important to realize that disabling this option WILL NOT automatically delete the current history file from documents created with the option invoked. Each document must be reopened, modified in some way (as simple as adding a space) and re-saved, after disabling the option.
Microsoft Office 97 Word and PowerPoint for Windows
To disable the Fast Save feature within the Windows environment:
Microsoft Word 6.0 for Power Macintosh and Word 5.0 for Macintosh
Identical problems are associated with Macintosh versions of Word, to include
Word 6.0 and Word 5.0. However, Microsoft PowerPoint for Macintosh DOES
NOT have a Fast Save feature. To disable the Fast Save feature on a Macintosh
computer:
DOE and DOE contractors should disable the Fast Save option of Word and PowerPoint applications on all computers running Microsoft (Windows) or Macintosh operating systems.
The Classified Information System Security (ISS) Program Manager should re-educate all ISS users concerning inherent problems with word processing software and widely disseminate this Advisory Notice. The Advisory Notice should be specifically coordinated with classification and declassification offices, and other organizations which process classified or sensitive unclassified information.
The ISS Program Manager should review and revise documentation and policy for all DOE offices which may use specialized software, such as Trusted Copy (TrCopy), to copy or transfer an unclassified file from a classified system to an unclassified system.
The ISS Program Manager should coordinate this Advisory Notice with the DOE Unclassified Computer Security Program Manager.
Return to Advisory Table of Contents
Security and Privacy Notice
To contact send email to ISRC
Last Updated October 2001