
MS security update fails

By Staff Writer, ITWeb
Johannesburg, 13 Mar 2009

One of Microsoft's latest security updates does not fix the vulnerability it was meant to patch, according to global IT vendor, Panda Security.

Panda says update MS09-008, released on Wednesday by Microsoft, was designed to fix four vulnerabilities in Windows DNS server and WINS server. However, according to Panda, an unpatched flaw has been detected in the DNS server, more specifically in WPAD (Web Proxy Auto-Discovery Protocol) registration.

“WPAD is a service that allows automatic detection of proxy settings without user intervention,” explains Jeremy Matthews, head of Panda's sub-Saharan operations. “Clients have to download WPAD entries from the DNS server, and those entries could be affected by the 'man-in-the-middle' attack. An attacker that exploited this vulnerability successfully could redirect users' traffic through a malicious proxy.”

Matthews says if attackers manage to redirect targeted users to a malicious proxy, they could obtain private information and redirect them to malicious pages in order to infect them with malware or monitor their Internet movements.

He says users of these systems should be extra cautious and keep an eye on new Microsoft updates so they can patch this vulnerability as soon as possible.

For more information, visit Panda's Internet safety blog.
