How can an attacker modify IE browser settings to allow automatic clipboard access?

An attacker with system permissions can modify Internet Explorer's security zones to enable programmatic clipboard access. The registry key `HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3` with value `1407` set to `0` (allow) allows IE to read the clipboard without prompting. The command `REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1407 /t REG_DWORD /d 00000000 /f` enables this. After restarting IE, any webpage can silently retrieve clipboard data. This technique is explained in Penetration Techniques - Exploitation of Clipboard in Windows.