We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,678 News Articles

Dangerous Windows network hack uncovered

Browsers routed to malicious proxy server

Microsoft is warning of an attack that could be used to divert someone's web traffic through a malicious proxy server.

Applications such as Internet Explorer use the Web Proxy Automatic Discovery (WPAD) protocol to find a file that enables a browser to configure its proxy settings. However, it's possible to plant a configuration file that would route traffic through a malicious proxy, the company said.

A malicious WPAD.dat file could be placed in the Domain Name System (DNS) or the Windows Internet Naming Service (WINS), Microsoft said. The client application looks in DNS or WINS to resolve the name of the hosting that has the proxy configuration file.

Once the bad file is there, WPAD clients "may be able to route their internet traffic through a malicious proxy server," Microsoft said.

Microsoft’s support site details how administrators can can configure DNS and WINS on their servers to help prevent what it calls "malicious registrations" of WPAD files. The fix is for Windows Server 2003 and Windows 2000 Service Pack 4.

Microsoft wasn't immediately able to comment.


IDG UK Sites

Top 5 Android tips and tricks for smartphones and tablets

IDG UK Sites

How to join Apple's OS X Beta Seed Program: Get OS X Yosemite on your Mac before public release

IDG UK Sites

Why the BBC iPlayer outage was caused by a DDoS attack: Topsy and Tim isn't *that* popular

IDG UK Sites

BBC using Glasgow 2014 Commonwealth Games to trial 4K/UHD, pan-around video, augmented video and...