Microsoft has reported a flaw in the way Windows and Internet Explorer handle web proxy auto discover (WPAD) connections. WPAD servers are used to deliver connecting computers with web proxy information. Microsoft said that the problem occurs when the WPAD servers for third-level domains (such as .co.uk) and deeper cannot be found. The user is then redirected to a WPAD server for a higher domain.
This can eventually lead the user to access a WPAD server outside the intended domain, possibly to one that has been compromised by a hacker. All current versions of Windows and Internet Explorer are affected by the flaw, which was discovered by researcher Beau Butler. Microsoft has not received any reports of attacks targeting the vulnerability in the wild.
View: The full story @ vnunet
4 Comments - Add comment