Internet Explorer Clipboard Vulnerability
Are you using the Microsoft Internet Explorer? You may be shocked by the following example of how insecure the Internet Explorer browser really is. Copy some text to the Windows Clipboard. You can use the text that you are just reading or any other text that you come across. Now visit the IE Clipboard Test website and see what happens.
Update: Please note that the website is no longer available. You can try out
If you run Internet Explorer 7 you will be asked if you want to allow Internet Explorer access to your clipboard, if you run a previous version you will not be asked at all. If you say yes or use a previous version the contents of your clipboard are displayed on the website.
This means that a website can read (and thus store) information that are stored in the Windows Clipboard. It gets better. Stay on that website and copy another text to your clipboard. You will see that the new text will appear as well on the demonstration website.
You can bet that webmasters with malicious intents are not so nice to display the contents of your clipboard all the time, they will try to use that information again you.
Newer versions of Internet Explorer, that includes IE7 but also IE11, have set the feature to prompt, which means that you will receive a notification whenever a site or service wants to access the contents of the clipboard.
To manage this, open the Internet Options in Internet Explorer, switch to the Security tab, and click on custom level next to the zone that you want to modify.
Locate Scripting here, it should be near the bottom of the page, and check for the preference "Allow Programmatic clipboard access". It should be set to prompt or disable.
Update: Note that newer versions of Internet Explorer have been released and that you should update the browser on your system to make sure your system is protected and running a better version of the browser.
For Windows XP, that is Internet Explorer 8. Windows Vista users can download and install Internet Explorer, as can Windows 7 users who also get access to Internet Explorer 10 in the near future.Advertisement