Kiwi Man-in-the-middle attack?
Patrick Gray, writing in The Age, reports that New Zealander Beau Butler has discovered a big-time security hole in some versions of Windows – but apparently not in the American versions.
Two days earlier, in a TechToday posting, Gray described Butler’s recent presentation at the Kiwicon conference thusly:
In the most sensational presentation of the conference, security researcher Beau Butler showed us how Microsoft’s completely half-arsed fix of a known issue – problems with Windows Proxy Autodiscovery – could be used by the more evil among us to seize control of vast numbers of workstations. Due to a bug in Microsoft’s WPAD functionality, proxy auto-configuration requests frequently wind up popping out on to the Internet.
That means bad, bad people can load up your workstations with false proxy information. That’s right, Butler had figured out a way to run a man-in-the-middle attack on hundreds of thousands, if not millions, of workstations in his home country. You’ll be hearing more on this, but in the mean time it would make sense to configure a wpad server in your organisation to stop Microsoft’s silly software from seeking proxy configuration files from evil hackers outside your organisation.
I don’t have any other details, but it sounds as if this might be a significant problem. (In particular, this may be the same WPAD problem that was reported back in March and addressed, if not solved, in KB article 934864.) Certainly, Microsoft is now listening. Will keep you posted.
Thanks to JT for the heads-up.