Hackers unearth ancient Windows flaw
A years-old Windows flaw has been detected by hackers in the annual Kiwicon 2k7 conference in New Zealand. Although Microsoft supposedly fixed their DNS vulnerability way back in 1999, the bug finally resurfaced after 8 years of obscurity. According to hacker Oddy, who was one of the presenters in the conference, "Web Proxy Auto Discovery is an interestingly still-active-after-all-these-years design misfeature courtesy of Microsoft. It is of particular relevance to those of us who ‘live’ anywhere except the .com domain, as Microsoft fixed it for .com a long time ago, but due to it’s DNS-(ab)using nature it is still a problem for everyone else."
This means that a large part of users with computers that use Windows as their operating system are in danger of being redirected to websites that contain malicious code. As not all Windows-powered systems are particularly vulnerable to this security flaw, Microsoft issued a bug-related advisory (945713), where the company staff explains which computer configurations can potentially be redirected to malicious websites.
In short, these are websites that have a DNS suffix that is third level or deeper (for example, gigahard.corp.co.uk.(gov)).
Recently commented malware