Clipboard Security Test - Internet Explorer by Vic Ferri
If you are using Internet Explorer as your default browser, there is a
good chance that despite being up to date with all your hot fixes, you
are vulnerable to a clipboard exploit where a web site can grab whatever
data was last copied to your clipboard. This can be achieved by simply
visiting the site. You don’t even have to click anything. Just being
there allows them to “get you.” Obviously, this poses a serious security
risk from which you should be protected. Many of us routinely copy
sensitive information such as passwords and credit card numbers and we
should be able to take it for granted that no one can view what we copy!
I created a test page that will let you know if you are protected from
this exploit or not.
To see if you are vulnerable:
1. Select and copy some text (no need to paste)
2. Then click here:
https://www.angelfire.com/on3/vxdoin2/clipbrdtest.html
If you see the text you copied on the page, then you are vulnerable and
should follow these instructions immediately!
1. Open Internet Explorer and click
Tools> Internet Options
2. Under the Security tab, click
Custom
Level.
3. In the Security Levels box, scroll down to find the Scripting section
and
for the option “Allow paste
operations via script”
choose Disable.
4. Click Ok
to apply the changes, exit and close Internet Explorer
It was that simple. You are now protected from this exploit.
To be sure, repeat
the clipboard security test by going back to the test page to make sure
your copied
text is not being grabbed anymore.
Note: Images cannot
be grabbed by this nasty code. If you were to copy an image and then
visit the test page, you would get a false report telling you that you
are protected.
Also note that this security loophole is an issue with Internet Explorer only. If you are using Mozilla Firefox or Opera, you are protected from this vulnerability by default.
For those of you who do not know,
the clipboard in Windows is where anything you copy is stored.
When you copy anything, whether it be text or an image, it is placed on
the clipboard.
The Windows clipboard can only store what you last copied. As soon as
you copy something else, the previous content is emptied. The
clipboard is actually a utility named clipbrd.exe which is located in
your System32 folder. You can access and view your clipboard
content easily by entering "clipbrd"
in the Run box and clicking Ok.
Here's what it looks like:
For those of you more advanced in computer matters and interested in the
registry settings for this, they are located at this key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\3
and controlled by the Dword Value
1407
in the right hand pane.
0 = Enabled
1 = Prompt
3 = Disabled
You can
access the registry by clicking your
Start
button and typing REGEDIT
in the RUN
dialog box.
If you are a novice, beware that the registry can be a very dangerous
place to mess with if you do not know what you are doing.
The Registry has no mercy. There is no UNDO for any error you make and
all it takes is a minor error to make your personal computer unbootable
or exhibit strange behavior. If you would like to learn to use the
Registry from the ground up, I recommend you check out the Ebook
"Registry For Newbies" which is the only registry book I choose to
promote for the novice. It takes you by the hand and demystifies the
registry, with no experience needed to grasp it.
http://newbieclub.com/rfncopy/?vic
Vic Ferri
http://personal-computer-tutor.com/abc/vic_ferri.htm
http://www.discogs.com/user/vaf
Per Contra Tech - Fall 2006