The second Tuesday of August has arrived, which means one thing for Microsoft users: Patch Tuesday. August’s batch of patches is relatively light, with only nine bulletins, although five are rated as Critical.
WPAD is a protocol that allows computers to automatically discover Web proxy configurations and is primarily used in networks where clients are only allowed to communicate with the outside world through a proxy, which is the case in most enterprises. To easily configure proxy settings for different types of applications which require an internet connection, WPAD, also known as “autoproxy”, was first implemented and promoted by Netscape® in 1996 for Netscape Navigator® 2.0. The tool can apply to any system that supports proxy auto-discovery, like most browsers, operating systems and some applications not working from operating systems.
Warnings of security issues have been around for many years. These risks have long been recognized in the security community, but for some reason they have been left largely ignored. In fact, it is relatively easy to exploit WPAD. In basic terms, the security issue with the WPAD protocol is that whenever the protocol makes a request to a proxy, anyone else can create a service that answers that request and can practically impersonate the real web proxy (a Man-in-the-Middle attack).
Microsoft has rolled out eleven security updates for this month’s Patch Tuesday. Six are tagged as ‘Critical’ while the rest are rated as ‘Important.’ Three of the critical security bulletins address vulnerabilities in Internet Explorer (MS16-084), Microsoft Edge (MS16-085), and JScript and VBScript scripting engines in Microsoft Windows (MS16-086). All three flaws can allow remote code execution when successfully exploited via a specially crafted website/webpage. Moreover, two of these critical bulletins are cumulative security updates for Windows web browsers (Internet Explorer and Microsoft Edge), which are part of every Patch Tuesday.
System administrators from all over the world know what the second Tuesday of the month brings: the regularly scheduled bounty of patches from Microsoft and other vendors. Because June started on a Wednesday, this month’s Patch Tuesday was on June 14, which is the latest it can be in any given month. This month’s volume…
Earlier this week I talked at the annual HITB security conference in the Netherlands about some of my recent research into Android vulnerabilities. The topic of my talk was how performance counters in Android led to several serious vulnerabilities – including several that led to root access. This could allow an attacker to take control of a user’s device. I’d earlier disclosed some of these flaws beforehand, but withheld technical details until my talk.