Company News | Market News | India News | Manufacturers News | Market Research Industry | Securities Industry News | Music Industry News | Auto Industry News | Hotel Industry News | Travel Industry News | Retail Industry News | Game Industry News | Fashion Industry News | Construction Industry News | Healthcare Industry News | Banking Industry News

Company News

Market News

India News

Manufacturers News

Market Research Industry

Securities Industry News

Music Industry News

Auto Industry News

Hotel Industry News

Travel Industry News

Retail Industry News

Game Industry News

Beverage Industry News

Securities Industry News

Microsoft researcher spar over security patch
Monday, 16, March 2009

Microsoft released a patch for a hole in Windows 2000 and Server 2003 and 2008 that could allow an attacker to redirect network traffic to a malicious site that has been set to serve as a proxy.The vulnerability, rated important by Microsoft, allows IT managers to set a Windows Proxy Auto-Discovery, or WPAD, entry in the DNS. If IE or Firefox are configured to "automatically detect settings," the browser will connect to the proxy machine.

This is a useful feature for corporations that want to set up their own proxy server for monitoring employee Web use and for security purposes. But it also could allow for a man-in-the-middle type of attack if an outsider were able to set the WPAD entry through a dynamic DNS update so that the traffic is diverted to a malicious IP address.The patch solves the problem for systems with no WPAD entry in the DNS, by blocking future queries for WPAD. But for systems with a WPAD entry, the patch does nothing.

Aviation Industry News

Pharmaceutical Industry News

Steel Industry News

Fashion Industry News

Oil Industry News

Construction Industry News

Paper Industry News

Healthcare Industry News

Cable Industry News

Chemical Industry News

Real Estate Industry News

Banking Industry News

Newspaper Industry