Published in News

Windows Network settings are security killer

by on26 March 2007


Design bug


A fundamental design flaw in the way that Windows obtains proxy settings makes the operating system vulnerable to attack.

Security company IOActive told the ShmooCon hacker conference that an attacker with access to a network could insert a malicious proxy and see all the traffic.

Chris Paget, director of research and development at IOActive told the converence that it was easy for a hacker to become a proxy server without a company knowing about it.

According to, the problem is caused because Internet Explorer on Windows PCs by default searches for a proxy server using the Web Proxy Autodiscovery Protocol, or WPAD.

An attacker can register a proxy server on a network using the Windows Internet Naming Service, or WINS, and other network services including the Domain Name System, or DNS. the first thing IE does when IE starts up is ask the network where its proxy server is and a hacker only has to show it where to go.

Microsoft has acknowledged that there is a problem.

More here


Last modified on 26 March 2007
Rate this item
(0 votes)