|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
Project Zero: Watch out for Web Proxy Auto-Discovery
What is WPAD? Easy question, long answer. Google’s Project Zero just posted a scary evaluation:
(With WPAD) every Windows machine will ask the local network: “Hey, where can I find a Javascript file to execute?”… WPAD allows the computer to query the local network to determine the server from which to load the PAC file… The browser connects to a pre-configured server, downloads the PAC file, and executes a particular Javascript function to determine proper proxy configuration.
And… you guessed it… the PAC file can contain all sorts of compromising programs.
Windows is certainly not the only piece of software that implements WPAD. Other operating systems and applications do as well. For example Google Chrome also has a WPAD implementation, but in Chrome’s case, evaluating the JavaScript code from the PAC file happens inside a sandbox. And other operating systems that support WPAD don’t enable it by default. This is why Windows is currently the most interesting target for this sort of attack.
The Project Zero people proceed to discuss many different nightmare scenarios. Oh boy.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Over-the-Top solves it!
by 2 hours, 4 minutes ago
-
To Susan – Woody Leonhard, the “Lionhearted”
by 4 hours, 59 minutes ago
-
Extracting Data From All Sheets
by 6 hours, 35 minutes ago
-
Use wushowhide in Windows 11 24H2?
by 6 hours, 43 minutes ago
-
Hacktool:Win32/Winring0
by 6 hours, 30 minutes ago
-
Microsoft Defender as Primary Security Question
by 7 hours, 10 minutes ago
-
USB printers might print random text with the January 2025 preview update
by 9 hours, 13 minutes ago
-
Google’s 10-year-old Chromecast is busted, but a fix is coming
by 18 hours, 49 minutes ago
-
Expand the taskbar?
by 18 hours, 40 minutes ago
-
Gregory Forrest “Woody” Leonhard (1951-2025)
by 1 hour, 3 minutes ago
-
March 2025 updates are out
by 6 hours, 45 minutes ago
-
Windows 11 Insider Preview build 26120.3380 released to DEV and BETA
by 1 day, 12 hours ago
-
Update Firefox to prevent add-ons issues from root certificate expiration
by 1 day, 19 hours ago
-
Latest Firefox requires Password on start up
by 1 day, 14 hours ago
-
Resolved : AutoCAD 2022 might not open after updating to 24H2
by 2 days, 8 hours ago
-
Missing api-ms-win-core-libraryloader-11-2-1.dll
by 1 day, 7 hours ago
-
How Much Daylight have YOU Saved?
by 1 day, 10 hours ago
-
A brief history of Windows Settings
by 1 day, 3 hours ago
-
Thunderbolt is not just for monitors
by 1 day, 2 hours ago
-
Password Generators — Your first line of defense
by 1 day, 7 hours ago
-
AskWoody at the computer museum
by 7 hours, 39 minutes ago
-
Planning for the unexpected
by 1 day, 8 hours ago
-
Which printer type is the better one to buy?
by 2 days, 10 hours ago
-
Upgrading the web server
by 2 days, 8 hours ago
-
New Windows 11 24H2 Setup – Initial Win Update prevention settings?
by 3 days, 3 hours ago
-
Creating a Google account
by 3 days, 2 hours ago
-
Undocumented “backdoor” found in Bluetooth chip used by a billion devices
by 3 days, 8 hours ago
-
Microsoft Considering AI Models to Replace OpenAI’s in Copilot
by 3 days, 19 hours ago
-
AI *emergent misalignment*
by 3 days, 21 hours ago
-
Windows 11 Disk Encryption/ Bitlocker/ Recovery Key
by 2 days, 5 hours ago
