Back when Windows NT was king, Microsoft was able to claim that it met the strict “Orange Book” C2 security certification. The catch? Don’t install networking and remove the floppy drives. Turns out most of the things you want to do with your computer are the very things that are a security risk. Even copy and paste.
[Michal Benkowki] has a good summary of his research which boils down to the following attack scenario:
- Visit a malicious site.
- Copy something to the clipboard which allows the site to put in a dangerous payload.
- Visit another site with a browser-based visual editor (e.g., Gmail or WordPress)
- Paste the clipboard into the editor.
Browsers are aware of this problem and attempt to clean text they put on the clipboard. [Michal] put together the “Copy and Paste Playground” to allow exploration and demonstrate what the browsers will and won’t accept.
The rest of the post covers fixed bugs in several major browsers and editor systems, including GMail and Google Docs. There is also some discussion of a few systems that remain nameless since the bugs have not yet been fixed.
[Michal] was very thorough and unsurprisingly has claimed about $30,000 in bug bounties for his work. We have gotten used to seeing exploits on IoT devices, but it is a bit surprising that something as ordinary as the clipboard can pose a threat. If you want to claim some bug bounty yourself, maybe next year you can try hacking a satellite.