Jump to content

Flaw leaves Microsoft looking like a turkey


Humpty

Recommended Posts

What I can't work out is why PC's in one country aren't affected yet in others they are? :unsure:

MICROSOFT engineers worked frantically over the US Thanksgiving holiday to fix a design flaw in Windows that has exposed millions of computers to hijacking by computer criminals.

 

By exploiting the design flaw a lone miscreant could take control of vast numbers of home or office PCs around the world in a single attack. They could read data, steal passwords and monitor internet use or use them to distribute spam or viruses.

 

The bug was demonstrated at the Kiwicon hacker conference in New Zealand last week by an ethical hacker, Beau Butler.

 

"This whole presentation came about from me telling a story to a bunch of my computer security friends down the pub one night," he said on the phone from New Zealand. "They basically said, 'You're going to have to step up and talk about that'."

 

While testing the flaw, Mr Butler found more than 160,000 computers in NZ were vulnerable. Computers in the US are not vulnerable to the flaw, but many countries are potentially wide open.

 

It was decided not to publish details of the vulnerability after bringing it to the attention of Microsoft this week.

Article

Link to comment
Share on other sites

More info:

The flaw affects all versions of Windows including Vista, but does not affect computers in the United States. Microsoft reportedly patched the flaw eight years ago to protect computers that use the ?.com? domain as part of their corporate identity. The fix, however, does not work for computers that use domain country codes, such as .nz (New Zealand) or .uk (United Kingdom).

 

WPAD is a method used by Web browsers to locate a proxy configuration file called wpad.dat that is used to configure a Web browser?s proxy settings. Part of the flaw lets the search for the configuration file leave the safety of the corporate network, thus opening an avenue for a hacker to hijack the request and deliver a configuration file to the browser that could then be then exploited to intercept and modify the user?s Web traffic.

 

The Windows WPAD feature was designed so administrators would not have to configure browser proxy settings on each desktop manually. All the automated WPAD configuration work takes place out of view of the user.

 

Last week, Beau Butler, who also goes by the name Oddy and the title ?ethical hacker,? presented his rediscovery of the WPAD flaw at the annual Kiwicon security conference at Victoria University of Wellington in New Zealand. Butler told conference attendees and Australia?s The Age Web site that he found 160,000 computers in New Zealand using the .nz domain that were vulnerable to the WPAD flaw. The Age said Microsoft asked it not to publish the details over fears they could be used by cybercriminals to seize control of workstations. Microsoft confirmed it was a serious issue, The Age said. Continued

Article

Link to comment
Share on other sites

  • Moderators
The Age said Microsoft asked it not to publish the details over fears they could be used by cybercriminals to seize control of workstations. Microsoft confirmed it was a serious issue, The Age said.

That's actually smart. ;)

 

One would think the U.S. government and/or news channels would do the same! :rolleyes: They're always giving those damned terrorist ideas of what to attack such as the food supply, or water saying they could do this and that to it to harm us. Giving out that information has always puzzled me because the baddies may have not even thought of it.

Link to comment
Share on other sites

As Chris Pirillo said, "all operating systems suck." The only reason why OSX has less problems is because less people use them. Personally, Steve Jobs rubs me the wrong way, he is too cagey about his stuff. I mean, OSX runs well, but he loves to egg on the mac cult. Linux is supposed to be better, but the same rule applies.

Link to comment
Share on other sites

Ok well if the flaw does actually exist, it doesnt effect me or any of my clients as none use a proxy for IE.

 

Good luck with that.

 

Parts of OSX are vulnerable to this also, as is Firefox. MS just gets all the press because they're MS.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.