Microsoft Security Advisory (945713): Vulnerability in Web Proxy Auto-Discovery (WPAD

Microsoft · 10th January 2008, 05:21 AM

Revision Note: Advisory Updated: The registry key for the Configure a Domain Suffix Search List workaround has been corrected to the proper key of SearchList. Advisory Summary:Microsoft is investigating new public reports of a vulnerability in the way Windows resolves hostnames that do not include a fully-qualified domain name (FQDN). The technology that the vulnerability affects is Web Proxy Auto-Discovery (WPAD). Microsoft has not received any information to indicate that this vulnerability has been publicly used to attack customers, and Microsoft is not aware of any customer impact at this time. Microsoft is aggressively investigating the public reports. Customers whose domain name begins in a third-level or deeper domain, such as “contoso.co.us”, or for whom the following mitigating factors do not apply, are at risk from this vulnerability.

More...

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Microsoft Security Advisory (945713): Vulnerability in Web Proxy Auto-Discovery (WPAD	Microsoft	Microsoft	0	4th December 2007 03:53 AM
Microsoft Security Advisory (932553): Vulnerability in Microsoft Office Could Allow R	Microsoft	Microsoft	0	26th November 2007 06:58 PM
Microsoft Security Advisory (932114): Vulnerability in Microsoft Word 2000 Could Allo	Microsoft	Microsoft	0	26th November 2007 06:58 PM
Microsoft Security Advisory (929433): Vulnerability in Microsoft Word Could Allow Rem	Microsoft	Microsoft	0	26th November 2007 06:58 PM
Microsoft Security Advisory (927892): Vulnerability in Microsoft XML Core Services Co	Microsoft	Microsoft	0	26th November 2007 06:58 PM