Microsoft confirms two potential vulnerabilities in its Internet Explorer 5.0 browser that let Web operators swipe visitors' private information.
The first is a new wrinkle in a problem that has dogged IE developers numerous times. Microsoft described the latest bug as a variant of a hole whose most recent variation was discovered and demonstrated last month by Spanish bug hunter Juan Carlos Cuartango. It makes users' clipboards vulnerable to inspection by Web operators.
The clipboard holds text that users have most recently copied or cut. The clipboard only stores one clip at a time; a new clip automatically erases the previous one.
Microsoft said it was working on a fix for both the Cuartango hole and the new one, discovered and demonstrated by Bulgarian bug hunter Georgi Guninski. Guninski also recently found a URL-sniffing privacy hole in the Communicator browser by America Online's newly acquired Netscape Communications unit.
Microsoft acknowledged the second issue as a hypothetical risk but declined to characterize it as a bug. This one concerns IE 5's support for scripted copy and paste operations built into Web sites. Again, a malicious Web site operator exploiting the vulnerability would be able to read what is on a visitor's clipboard.
"We don't view this as a bug, but as a feature that could potentially be used in a way that's not intended," said Microsoft Windows product manager Rob Bennett. "At this point, any misuse of this is completely hypothetical."
Bennett stressed that users concerned about Web sites pilfering what's on their clipboards can set their zone settings to disable scriptable paste.
"That's why we set this with zone settings, for users who may be concerned that information might be pasted without their knowledge," he said.
The issue is demonstrated on the PC enthusiast site System Optimization.