Windows Internet Explorer enables you to select content in a webpage, drag it by using the mouse, and drop it elsewhere in the same webpage or in a webpage in a different Internet Explorer window.
After you install the cumulative update for Internet Explorer that is dated August 9, 2011, you can choose to prevent the drag-and-drop of content into a webpage that originates in a different domain. This can help avoid attacks where a malicious site may trick you into unknowingly selecting possibly sensitive content from one website and dropping the content into a possibly malicious website.
For more information about the cumulative update, click the following article number to view the article in the Microsoft Knowledge Base:
2559049 MS11-057: Cumulative Security Update for Internet Explorer: August 9, 2011
This article describes how to enable a fix to prevent the drag-and-drop of content into a webpage that comes from a different domain.
To enable this fix automatically, click the Fix this problem link under the "Enable this fix" heading. Then, click Run in the File Download dialog box, and follow the steps in the wizard.
To undo the fix and restore the original settings, click the Fix this problem link under the "Disable this fix" heading. Then, click Run in the File Download dialog box, and follow the steps in the wizard.
Enable this fix
Disable this fix
This wizard may be in English only. However, the automatic fix also works for other language versions of Windows.
If you are not on the computer that has the problem, you can save the automatic fix to a flash drive or to a CD, and then you can run it on the computer that has the problem.
Let me fix it myself
To enable this fix yourself, modify the following registry subkeys by using the values that are listed in the following registry value table.
Note Each subkey affects whether you can drag-and-drop content into a webpage in a particular Internet Explorer security zone.
To enable this fix for webpages in the Internet zone: