The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

Clipboard Data Theft – Harden security setting in Internet Explorer

Download PC Repair Tool to quickly find & fix Windows errors automatically

In and before Internet Explorer 6, the browser could actually let websites silently read the data stored in the Windows Clipboard. With Internet Explorer 7, Microsoft finally addressed this security hole which allowed malicious websites to read and steal your clipboard data.

Microsoft had posted ways on how to prevent it in KB224993. But that is now water under the bridge. As mentioned earlier, things changed after the release of Internet Explorer 7. Now, this theft is, in a way, “optional”.

By default, in Internet Explorer 11, if a website tries to steal your clipboard data, you will see the following Prompt.

Clipboard Data Theft

Do you want this webpage to access your Clipboard

To illustrate this issue, simply Copy any part of the text from this web page or anywhere else and visit this demo website.

Your Internet Explorer will throw up the prompt: Do you want this webpage to access your Clipboard? You should normally, of course, select Don’t allow.

But if you do select Allow access, you will see your clipboard data displayed there.

The text which you last copied for pasting can be easily stolen by malicious websites using a combination of JavaScript and ASP or PHP or CGI, to write your possible sensitive data to a database on another server.

Clipboard Data Theft – Harden IE Security

To avoid the prompt, and directly prevent websites access to your Clipboard data, you can harden IE security as follows:

Open Internet Explorer > Internet Options > Security tab > Custom Level button > Security Settings > Under Scripting > Allow Programmatic clipboard access.

clipboard-access-ie

Select Disable, instead of the default Prompt. Click Apply > OK.

The default is Prompt, so a Prompt is expected to be thrown at you. But if you want to be absolutely safe, you may Disable it and simply disallow clipboard access. This will ensure the safety of your clipboards contents, always, as there will be a not question of your even pressing on the wrong – Allow access – button, by mistake.

You may also like to check out some good free password manager like freeware KeePass. Keepass provides an option to clear the clipboard after a user-specified number of seconds, as well as an enhanced mode that allows copy pasting only one time. Else you can clear clipboard memory manually, as and when you need to.

Now readWhat is Pastejacking.

233 Shares

[email protected]

Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP (2006-16) & a Windows Insider MVP (2016-2022). Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.

Share via
Facebook
Twitter
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap