Microsoft Corp. announced that it is investigating new public reports of a vulnerability in the way Windows resolves hostnames that do not include a fully-qualified domain name (FQDN). The technology that the vulnerability affects is Web Proxy Auto-Discovery (WPAD).
The company has not received any information to indicate that this vulnerability has been publicly used to attack customers, and it is not aware of any customer impact at this time. Microsoft said it is aggressively investigating the public reports.
Customers whose domain name begins in a third-level or deeper domain, such as "contoso.co.us", or for whom the following mitigating factors do not apply, are at risk from this vulnerability.
Upon completion of this investigation, Microsoft said it will take the appropriate action to help protect its customers. This may include providing a security update through its monthly release process or providing an out-of-cycle security update, depending on customer needs.
Mitigating Factors:
- Customers who do not have a primary DNS suffix configured on their system are not affected by this vulnerability. In most cases, home users that are not members of a domain have no primary DNS suffix configured. Connection-specific DNS suffixes may be provided by some Internet Service Providers (ISPs), and these configurations are not affected by this vulnerability.
- Customers whose DNS domain name is registered as a second-level domain (SLD) below a top-level domain (TLD) are not affected by this vulnerability. Customers whose DNS suffixes reflect this registration would not be affected by this vulnerability. An example of a customer who is not affected is contoso.com or fabrikam.gov, where "contoso" and "fabrikam" are customer registered SLDs under their respective ".com" and ".gov" TLDs.
- Customers who have specified a proxy server via DHCP server settings or DNS are not affected by this vulnerability.
- Customers who have a trusted WPAD server in their organization are not affected by this vulnerability.
- Customers who have manually specified a proxy server in Internet Explorer are not at risk from this vulnerability when using Internet Explorer.
- Customers who have disabled 'Automatically Detect Settings' in Internet Explorer are not at risk from this vulnerability when using Internet Explorer.
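The affected and unaffected domain cases above can be checked mechanically. The following Python code is an added example, not Microsoft's: it lists the WPAD names that label-by-label devolution of a primary DNS suffix would try and flags those that fall outside the organization's registered domain. It assumes devolution continues until two labels remain; the function names and sample inputs are illustrative.

```python
def _labels(name: str) -> list[str]:
    # Normalise: lower-case, drop a trailing root dot, ignore empty labels.
    return [p for p in name.strip().lower().rstrip(".").split(".") if p]


def devolved_wpad_names(primary_suffix: str, host: str = "wpad") -> list[str]:
    """Names tried for an unqualified host when the primary DNS suffix is
    devolved label by label. Assumption: devolution stops once two labels
    remain in the suffix."""
    labels = _labels(primary_suffix)
    if not labels:
        # No primary DNS suffix configured: nothing is appended or devolved.
        return []
    names = [".".join([host] + labels)]
    while len(labels) > 2:
        labels = labels[1:]  # strip the leftmost label and retry
        names.append(".".join([host] + labels))
    return names


def names_outside_org(primary_suffix: str, registered_domain: str) -> list[str]:
    """Candidate names that are not under the domain the organization
    registered, i.e. names whose DNS record the organization does not control."""
    org = _labels(registered_domain)
    if not org:
        raise ValueError("registered_domain must not be empty")
    return [
        name
        for name in devolved_wpad_names(primary_suffix)
        if _labels(name)[-len(org):] != org
    ]


if __name__ == "__main__":
    # Constructed sample inputs: (primary DNS suffix, registered domain).
    samples = [
        ("corp.contoso.co.us", "contoso.co.us"),  # third-level registration
        ("corp.contoso.com", "contoso.com"),      # SLD directly under a TLD
        ("", "contoso.com"),                      # no primary DNS suffix
    ]
    for suffix, registered in samples:
        tried = devolved_wpad_names(suffix)
        outside = names_outside_org(suffix, registered)
        print(f"{suffix or '(none)'}: tried={tried} outside={outside}")
```

A non-empty result from `names_outside_org` means clients with that suffix can reach a WPAD name the organization does not own, which is the condition the workarounds address.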
Microsoft has tested the following workarounds. Although these workarounds will not correct the underlying vulnerability, they help block known attack vectors.
- Create a WPAD.DAT Proxy Auto Configuration File on a Host Named WPAD in Your Organization to Direct Web Browsers to Your Organization's Proxy
- Disable Automatically Detect Settings in Internet Explorer
- Disable DNS Devolution
- Configure a Domain Suffix Search List
Microsoft has thanked Beau Butler for working with the company and reporting the vulnerability in Web Proxy Auto-Discovery (WPAD).