Microsoft Windows Web Proxy Automatic Discovery (WPAD) Traffic Routing Vulnerability
A vulnerability has been identified in Microsoft Windows that could be exploited by malicious users to gain knowledge of sensitive information. The issue is due to a design error: the Web Proxy Autodiscovery Protocol (WPAD) is used by default without static WPAD entries. An attacker on a local network segment could register a specially crafted WPAD entry in the Domain Name System (DNS) or in the Windows Internet Naming Service (WINS) and thereby force WPAD clients (e.g. Internet Explorer) to route their traffic through a malicious proxy server.

Affected Products

Microsoft Windows Server 2003 Standard Edition (x64)
Microsoft Windows Server 2003 Enterprise Edition (x64)
Microsoft Windows Server 2003 Datacenter Edition (x64)
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Windows Server 2003 Web Edition SP1
Microsoft Windows Server 2003 Enterprise Edition SP1 (Itanium)
Microsoft Windows Server 2003 Datacenter Edition SP1 (Itanium)
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Datacenter Edition (Itanium)
Microsoft Windows Server 2003 Enterprise Edition (Itanium)
Microsoft Windows Server 2003 R2 Standard Edition
Microsoft Windows Server 2003 R2 Enterprise Edition
Microsoft Windows Server 2003 R2 Datacenter Edition
Microsoft Windows Server 2003 R2 Standard x64 Edition
Microsoft Windows Server 2003 R2 Enterprise x64 Edition
Microsoft Windows Server 2003 R2 Datacenter x64 Edition
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Advanced Server SP4
Microsoft Windows 2000 Server SP4
Microsoft Windows 2000 Professional Edition
Microsoft Windows Small Business Server 2003 Standard Edition
Microsoft Small Business Server 2000 Standard Edition

Solution

Reserve static WPAD DNS host names and WPAD WINS name records:
http://support.microsoft.com/kb/934864
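
One way to audit that the reservation is in place, as an added example (not part of the original advisory or of Microsoft's guidance): for each DNS suffix it checks whether `wpad.<suffix>` resolves, and whether every address returned is one you approved. The suffixes, addresses and function names are constructed placeholders.

```python
import socket

def resolve_a(name):
    """Return the set of addresses a name resolves to (empty if it does not resolve)."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def audit_wpad(suffixes, approved, resolver=resolve_a):
    """Classify wpad.<suffix> for each DNS suffix.

    RESERVED   - resolves only to approved addresses (static entry in place)
    UNRESERVED - does not resolve: no static entry is visible for the name
    UNEXPECTED - resolves to at least one address outside the approved set
    """
    approved = set(approved)
    findings = {}
    for suffix in suffixes:
        name = "wpad." + suffix.strip(".").lower()
        addrs = set(resolver(name))
        if not addrs:
            status = "UNRESERVED"
        elif addrs <= approved:
            status = "RESERVED"
        else:
            status = "UNEXPECTED"
        findings[name] = (status, sorted(addrs))
    return findings

# Constructed sample data: zone names and addresses are placeholders.
SAMPLE_RECORDS = {
    "wpad.corp.example.test": {"192.0.2.10"},
    "wpad.lab.example.test": {"192.0.2.10", "198.51.100.77"},
}

def sample_resolver(name):
    return SAMPLE_RECORDS.get(name, set())

if __name__ == "__main__":
    report = audit_wpad(
        ["corp.example.test", "lab.example.test", "branch.example.test"],
        approved={"192.0.2.10"},
        resolver=sample_resolver,
    )
    for name, (status, addrs) in report.items():
        print(f"{status:<10} {name} {', '.join(addrs) or '-'}")
```

Without the `resolver` argument the audit asks the operating system's resolver, so run it from a client on the segment being checked; WINS name records still have to be reviewed on the WINS server itself.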