> Again, why are you minimizing this clearly easy to abuse OS feature by comparing it to much more sophisticated exploits
You need to think like an attacker. If you gained a foothold on a machine, maybe for a limited time, do you wait until the user happens to login to their banking site by copy pasting the password, or do you comb the machine for everything valuable - files, cookies, password manager databases, ...
If you are sniffing the clipboard you are actively malicious, but then you limit yourself to low gains?
Note that most of the trojans listed in your link are fully featured, sniffing the clipboard is one of the many attacks in their menu.
You are right that it is an attack vector, but it's not a particularly bad one. Microsoft did implement various restrictions which annoy the user, and did implement some protections against common attacks - ransomware file protection, but did nothing regarding the clipboard. Which means that in their cost/benefit analysis it did not stick out as a priority.
You need to think like an attacker. If you gained a foothold on a machine, maybe for a limited time, do you wait until the user happens to login to their banking site by copy pasting the password, or do you comb the machine for everything valuable - files, cookies, password manager databases, ...
If you are sniffing the clipboard you are actively malicious, but then you limit yourself to low gains?
Note that most of the trojans listed in your link are fully featured, sniffing the clipboard is one of the many attacks in their menu.
You are right that it is an attack vector, but it's not a particularly bad one. Microsoft did implement various restrictions which annoy the user, and did implement some protections against common attacks - ransomware file protection, but did nothing regarding the clipboard. Which means that in their cost/benefit analysis it did not stick out as a priority.