Key Information About the Vulnerability Subject: Controlling the clipboard with OWC in IE (GM#007-IE) Discovery Date: 24 Feb 2002 Affected Applications: - Office 2000 - Office Web Components 9, Spreadsheet component - Office XP - Office Web Components 10, Spreadsheet component Discussion It is possible to gain control over the clipboard even when it is disabled in the security zone, via the Spreadsheet component in both OWC9 and OWC10. The "Paste" method of the Range object and the "Copy" method of the Cell object give an attacker full control over clipboard operations. The attacker can continuously monitor the victim's clipboard and log the findings to a server for later inspection. It is also possible for an attacker to place data inside the clipboard. Exploit Reading the contents of the clipboard: An example of the script is provided. Assigning the clipboard's content: An example of the script is provided. Solution Set "Run ActiveX controls and plug-ins" to "Disable" or remove/disable OWC until a patch becomes available. Status Microsoft has been informed and has opened an investigation regarding this issue.