Microsoft Security Advisory (945713): Vulnerability in Web Proxy Auto-Discovery (WPAD)

Microsoft is investigating new public reports of a vulnerability in the way Windows resolves hostnames that do not include a fully-qualified domain name (FQDN). The technology that the vulnerability affects is Web Proxy Auto-Discovery (WPAD). Microsoft has not received any information to indicate that this vulnerability has been publicly used to attack customers, and Microsoft is not aware of any customer impact at this time. Microsoft is aggressively investigating the public reports. Customers whose domain name begins in a third-level or deeper domain, such as “contoso.co.us”, or for whom the following mitigating factors do not apply, are at risk from this vulnerability.

We have published new information as wellas mitigation factors:
https://www.microsoft.com/technet/security/advisory/945713.mspx

See also the MSRC blog entry: https://blogs.technet.com/msrc/

Urs