Microsoft details network hack in Windows

Attack could be used to divert user's Web traffic through a malicious proxy server.

By Jeremy Kirk

March 26, 2007 12:00 PM ET

Comments

IDG News Service -

Microsoft Corp. is warning of an attack that could be used to divert someone's Web traffic through a malicious proxy server.

Applications such as Internet Explorer use the Web Proxy Automatic Discovery (WPAD) protocol to find a file that enables a browser to configure its proxy settings. However, it's possible to plant a configuration file that would route traffic through a malicious proxy, the company said.

A malicious WPAD.dat file could be placed in the Domain Name System (DNS) or the Windows Internet Naming Service (WINS), Microsoft said. The client application looks in DNS or WINS to resolve the name of the hosting that has the proxy configuration file.

Once the bad file is there, WPAD clients "may be able to route their Internet traffic through a malicious proxy server," Microsoft said.

Microsoft details on its support site how administrators can configure DNS and WINS on their servers to help prevent what it calls "malicious registrations" of WPAD files. The fix is for Windows Server 2003 and Windows 2000 Service Pack 4.

Microsoft staffers were not immediately available to comment.

Comment Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Jump to comments

Microsoft

Additional Resources

WHITE PAPER

EFD vs. HDD - What You Need to Know

Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.

WHITE PAPER

Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009

The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.

WHITE PAPER

Eight Criteria for Server Load Balancing

Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

What People Are Saying

6 comments | Add new

See all comments (6) | Add new

White Papers & Webcasts

Enterprise 2.0 Applications - Block or Not?
Learn what your organization should do to control Enterprise 2.0 Applications.

Data in Action: Making the Planet Smarter
Register Now

Product Overview Brochure
Learn how to deliver secure data and applications wherever and whenever they're needed.

Hosted Security Services: Why it make budget and security sense in today's economy
Watch Now

How to Secure and Accelerate Your Oracle Applications
Learn about the escalating application performance and security challenges facing corporations, today!

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Enterprise Application Delivery: No User Left Behind
Gain the ability to deliver applications to all users, using any device, across any network.

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

Accelerate SSL Encrypted Applications
Gain complete visibility into SSL application sessions, making it easy to apply appropriate acceleration and security controls to all SSL traffic.

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.

All White Papers | All Webcasts