Clipboard Security Test - Internet Explorer by Vic Ferri
If you are using Internet Explorer as your default browser, there is a good chance that despite being up to date with all your hot fixes, you are vulnerable to a clipboard exploit where a web site can grab whatever data was last copied to your clipboard. This can be achieved by simply visiting the site. You don’t even have to click anything. Just being there allows them to “get you.” Obviously, this poses a serious security risk from which you should be protected. Many of us routinely copy sensitive information such as passwords and credit card numbers and we should be able to take it for granted that no one can view what we copy! I created a test page that will let you know if you are protected from this exploit or not.
To see if you are vulnerable:
1. Select and copy some text (no need to paste)
2. Then click here:
If you see the text you copied on the page, then you are vulnerable and should follow these instructions immediately!
1. Open Internet Explorer and click Tools> Internet Options
2. Under the Security tab, click Custom Level.
3. In the Security Levels box, scroll down to find the Scripting section and
for the option “Allow paste operations via script” choose Disable.
4. Click Ok to apply the changes, exit and close Internet Explorer
It was that simple. You are now protected from this exploit.
To be sure, repeat
the clipboard security test by going back to the test page to make sure
text is not being grabbed anymore.
Note: Images cannot
be grabbed by this nasty code. If you were to copy an image and then
visit the test page, you would get a false report telling you that you are protected.
Also note that this security loophole is an issue with Internet Explorer only. If you are using Mozilla Firefox or Opera, you are protected from this vulnerability by default.
For those of you who do not know,
the clipboard in Windows is where anything you copy is stored.
When you copy anything, whether it be text or an image, it is placed on the clipboard.
The Windows clipboard can only store what you last copied. As soon as you copy something else, the previous content is emptied. The clipboard is actually a utility named clipbrd.exe which is located in your System32 folder. You can access and view your clipboard content easily by entering "clipbrd" in the Run box and clicking Ok.
Here's what it looks like:
For those of you more advanced in computer matters and interested in the registry settings for this, they are located at this key:
and controlled by the Dword Value 1407 in the right hand pane.
0 = Enabled
1 = Prompt
3 = Disabled
You can access the registry by clicking your Start button and typing REGEDIT in the RUN dialog box.
If you are a novice, beware that the registry can be a very dangerous place to mess with if you do not know what you are doing.
The Registry has no mercy. There is no UNDO for any error you make and all it takes is a minor error to make your personal computer unbootable or exhibit strange behavior. If you would like to learn to use the Registry from the ground up, I recommend you check out the Ebook "Registry For Newbies" which is the only registry book I choose to promote for the novice. It takes you by the hand and demystifies the registry, with no experience needed to grasp it.
Per Contra Tech - Fall 2006