I read this the other day, though for the life of me I can’t remember where. But apparently there is a default setting in Internet Explorer that might let the owners of a bad web site to steal the contents of your clipboard– the place in computer memory where things go when you press Control-C.
So if you recently worked on a confidential spreadsheet and had pressed Control-C to copy an important section of data from one place to another, that data could be picked up by someone outside your organization. This is a Bad Thing.
To prevent the clipboard from being accessed by web sites, open Internet Explorer, click on Tools, Internet Options, Security, Custom Level, and scroll almost all the way down the list to where it says “Allow paste operations via script” and set it to Disable.
This seems like a huge hole to me. I even made a point to IM my wife so that she could put the fix on the home computer.