Back to Archive

Clipboard Security Test - Internet Explorer by Vic Ferri

If you are using Internet Explorer as your default browser,  there is a good chance that despite being up to date with all your hot fixes, you are vulnerable to a clipboard exploit where a web site can grab whatever data was last copied to your clipboard.  This can be achieved by simply visiting the site. You don’t even have to click anything.  Just being there allows them to “get you.” Obviously, this poses a serious security risk from which you should be protected.  Many of us routinely copy sensitive information such as passwords and credit card numbers and we should be able to take it for granted that no one can view what we copy! I created a test page that will let you know if you are protected from this exploit or not.


To see if you are vulnerable: 


1.  Select and copy some text  (no need to paste)


2. Then click here:

If you see the text you copied on the page, then you are vulnerable and should follow these instructions immediately!

1. Open Internet Explorer and click
Tools> Internet Options

2. Under the Security tab, click
Custom Level.

3. In the Security Levels box, scroll down to find the Scripting section and
for the option “
Allow paste operations via script” choose Disable.


4. Click
Ok to apply the changes, exit and  close Internet Explorer 

It was that simple. You are now protected from this exploit.

To be sure, repeat the clipboard security test by going back to the test page to make sure your copied
text is not being grabbed anymore.


Note:  Images cannot be grabbed by this nasty code. If you were to copy an image and then
visit the test page, you would get a false report telling you that you are protected.

Also note that this security loophole is an issue with Internet Explorer only. If you are using Mozilla Firefox or Opera, you are protected from this vulnerability by default.

For those of you who do not know, the clipboard in Windows is where anything you copy is stored.
When you copy anything, whether it be text or an image, it is placed on the clipboard.
The  Windows clipboard can only store what you last copied.  As soon as you copy something else, the previous content is emptied.  The clipboard is actually a utility named clipbrd.exe which is located in your System32 folder.  You can access and view your clipboard content easily by entering "
clipbrd" in the Run box and clicking Ok.

Here's what it looks like:


For those of you more advanced in computer matters and interested in the registry settings for this, they are  located at this key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
and controlled by the Dword Value
1407 in the right hand pane.
0 = Enabled
1 = Prompt
3 = Disabled

You can access the registry by clicking your Start button and typing REGEDIT in the RUN dialog box.

If you are a novice, beware that the registry can be a very dangerous place to mess with if you do not know what you are doing.

The Registry has no mercy.  There is no UNDO for any error you make and all it takes is a minor error to make your personal computer unbootable or exhibit strange behavior.  If you would like to learn to use the Registry from the ground up, I recommend you check out  the Ebook "Registry For Newbies"  which is the only registry book I choose to promote for the novice.  It takes you by the hand and demystifies the registry, with no experience needed to grasp it.

Vic Ferri

Per Contra Tech - Fall 2006