Despite the documentation stating otherwise, there appears to be a bug that causes the PGP 7.0 Outlook Plug-in, running on Outlook 98 connected to an Exchange Server, to automatically save decrypted messages in their decrypted state when the recipient chooses to reply to a PGP encrypted message. This occurs only when the user has the PGP Mail option "Automatically decrypt/verify when opening messages" checked, and "Always use Secure Viewer when decrypting" not checked.
Credit:
The information has been provided by Mark Wiater.
Vulnerable systems:
PGP version 7.0 up to, but not including, version 7.1.1
Immune systems:
PGP version 7.1.1
Since the Secure Viewer option is supposed to prevent storage of decrypted items, it seems clear that the problem is in the "Automatically decrypt/verify when opening messages" option. The documentation states "You can save the message in its decrypted state, or you can save the original encrypted version so that it remains secure.", and this has always been my experience prior to this configuration/scenario.
If a PGP encrypted message is received, and the recipient opens and decrypts it, and then closes it, the original message is left encrypted in the recipient's mailbox. This is as one would expect.
If a PGP encrypted message is received, and the recipient opens and decrypts it and then replies to it, the original message is silently saved to disk decrypted; the user is not prompted as to whether this action should happen or not.
In the case of the above tests, the message was sent from one user on an Exchange Server to another user on the same Exchange Server. The Sender sends from a PST, not the server, and the Recipient stores on the Exchange Server. The reply is being sent to the originating user. Whether Exchange is contributing to the problem in this is unknown.
Clearly, this irreversible action, saving the decrypted message just because it has been replied to, should not be happening. This problem is not remotely exploitable; instead recipients who reply to PGP encrypted messages should be aware that their saved copy of the original message is decrypted.
Workarounds:
Ensure either that "Always use Secure Viewer when decrypting" is checked, or that "Automatically decrypt/verify when opening messages" is not checked.
Vendor response:
Network Associates' PGP Product Management indicates that "All of the issues you describe, to the extent that they were problems, are already fixed in the current shipping release: 7.1.1". Application of the workarounds or upgrades is recommended.