Microsoft issued an alert
this week regarding a Windows security risk that could redirect someone to an arbitrary website. Interestingly, the flaw is not new. In fact, it was originally patched eight years ago, but has now supposedly been “rediscovered”. Considering the massive facelift that Windows has seen since then, most notably with desktops switching from the older 9x architecture to the NT architecture, this is fairly plausible.
The flaw is present due to how Windows resolves hostnames, and would require someone on the outside to have registered a name that is likely to be given out as a DNS suffix. It could potentially be a problem with smaller ISPs, but there are no “reported” attacks using this particular flaw. In a worst-case scenario, a fake WPAD server could issue out bad DNS results to a machine, letting them redirect people to fake sites. The article clams that as many as 160,000 machines in New Zealand could be affected, let alone worldwide, but it is still unlikely that the problem is widespread.
Likely the issue will be fixed in the next patch cycle. Maybe.