search cancel

False positive Clipboard Paste incidents are logged when using the Mail app on Windows 10 or the Google Chrome Clipboard History extension

book

Article ID: 163327

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

Clipboard Paste incidents are logged when users copy sensitive data to the Clipboard and access the Mail app for Windows 10 (64-bit) endpoints. Clipboard Paste incidents are logged before users paste sensitive data. Similarly, when the Google Chrome Clipboard History extension is used, incidents are logged but no sensitive data is pasted.

Note: This issue does not occur when users copy data from Notepad.

Cause

The Mail app for Windows 10 and the Google Chrome Clipboard History extension fetch Clipboard data when endpoint users access the application or extension. The DLP Agent reads the data fetch as a paste action. If sensitive data resides on the Clipboard, Data Loss Prevention logs an incident and displays a popup if they are enabled.

Resolution

For the Mail app for Windows 10, disable Clipboard Paste for the "Microsoft Metro Mail" application on the Application Monitoring screen.

For the Google Chrome Clipboard History extension, either disable the extension in the Google Chrome browser or disable Clipboard Paste monitoring for Google Chrome on the Application Monitoring screen.