New attack allows for hijacking of web traffic

By

Vulnerability could send users to phishing sites.

New attack allows for hijacking of web traffic
Microsoft is warning users and administrators of a new exploit that could allow an attacker to control which sites a user can visit.

The vulnerability lies within the Web Proxy Auto Discover (WPAD) component used to connect a PC to a web proxy server.

Microsoft disclosed the flaw earlier this year and issued a patch. The company has also issued a tutorial for administrators on how to configure DNS servers to prevent attackers from setting up the malicious proxy.

An attacker could exploit the security hole through a specially crafted website or email message that installs a malformed WPAD file on the user's system.

The malicious file then directs the user's PC to connect to a Domain Name System or Windows Internet Names Service server run by the attackers, giving them total control over their internet traffic.

Vince Wong, a group product manager for Symantec, said that the ramifications of a user running through an attacker's proxy would be similar to those of a cross-site-scripting attack.

Users could be redirected to phishing sites or sent to pages that may attempt to exploit other vulnerabilities.

Although there is little danger at the moment, users should install Microsoft's latest patches and keep their security software up to date, he recommended.

"Patching this is highly recommended, and it is almost critical at this point," Wong said.

"Right now it's a low risk, but it's not unimaginable that unsuspecting users could get duped."
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
allowsattackforhijackingnewofsecuritytrafficweb

Sponsored Whitepapers

What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape
Transform IT Service Delivery with Freshworks ITSM
Transform IT Service Delivery with Freshworks ITSM
Digital Transformation That Works in the Real World
Digital Transformation That Works in the Real World
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security

Events

Most Read Articles

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study
Greater Western Water's billing system data issues laid bare

Greater Western Water's billing system data issues laid bare
Microsoft plans full quantum-resistant cryptography transition by 2033

Microsoft plans full quantum-resistant cryptography transition by 2033
TPG Telecom reveals iiNet order management system breached

TPG Telecom reveals iiNet order management system breached
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?