Microsoft details network hack in Windows

Posted on March 26th, 2007 by Jason

Microsoft Corp. is warning of an attack that could be used to divert someone’s Web traffic through a malicious proxy server.

Applications such as Explorer use the Web Proxy Automatic Discovery (WPAD) protocol to find a file that enables a browser to configure its proxy settings. However, it’s possible to plant a configuration file that would route traffic through a malicious proxy, the company said.

A malicious WPAD.dat file could be placed in the Domain Name System (DNS) or the Naming Service (WINS), Microsoft said. The client application looks in DNS or WINS to resolve the name of the hosting that has the proxy configuration file.

Once the bad file is there, WPAD clients “may be able to route their traffic through a malicious proxy server,” Microsoft said.

Microsoft details on its support site how administrators can configure DNS and WINS on their servers to help prevent what it calls “malicious registrations” of WPAD files. The fix is for Server 2003 and 2000 Service Pack 4.

Microsoft staffers were not immediately available to comment.

Tags: , , , , , , , , , , , , ,

Share and Enjoy:
  • del.icio.us
  • StumbleUpon
  • Facebook
  • Google
  • Furl
  • Live
  • MisterWong.DE
  • NewsVine
  • Reddit
  • Slashdot
  • Technorati
  • YahooMyWeb
  • BlinkList
  • description
  • Fark
  • Netvouz
  • Spurl
  • MisterWong
  • Webnews.de
  • Blogsvine
  • description
  • IndiaGram
  • kick.ie
  • Taggly
  • E-mail this story to a friend!
  • Print this article!

This entry was posted on Monday, March 26th, 2007 at 1:04 pm and is filed under Windows Vista, Windows XP. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Related posts

Leave a Reply