UBUNTU-CVE-2018-18358

Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file...

June 14, 2016 — KB3163017 (OS Build 10240.16942)

June 14, 2016 — KB3163017 OS Build 10240.16942 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Microsoft Edge, and Windows Explorer. Improved...

New HTTPS URL Leakage Attack Leaves PCs, Macs, Linux Systems Vulnerable

LAS VEGAS — Researchers have found flaws in the Web Proxy AutoDiscovery protocol tied to DHCP and DNS servers that allow hackers spy on HTTPS-protected URLs and launch a myriad of different malicious attacks against Linux, Windows or Mac computers. According to the security firm SafeBreach, this...

Cumulative update for Windows 10: June 14, 2016

Cumulative update for Windows 10: June 14, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10. It also resolves the following vulnerabilities in Windows: 3163649 MS16-063: Cumulative security update for Internet Explorer: June 14, 2016 3163656...

Cumulative Update for Windows 10 version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016

Cumulative Update for Windows 10 version 1511 and Windows Server 2016 Technical Preview 4: June 14, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4, and resolves the following...

Elevation of Privilege Vulnerability Found in Microsoft Windows WPAD Agent

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows that stems from a program's inability to properly handle certain proxy discovery scenarios using the Web Proxy Autodiscovery WPAD...

Microsoft Windows WPAD Elevation of Privilege Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Web Proxy Autodiscovery WPAD protocol for Microsoft Windows. An attacker could exploit this vulnerability to bypass security checks and obtain...

Microsoft Windows DNS Server WPAD Access Validation Vulnerability

Description The Microsoft Windows DNS Server is prone to an access-validation vulnerability because the software fails to properly restrict access when defining WPAD Web Proxy Autodiscovery Protocol entries. An authenticated attacker may exploit this issue to create a WPAD DNS entry. This may aid...

Privilege escalation

The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol WPAD without static WPAD entries, which might allow remote attackers to intercept web traffic by registering a proxy server using WINS or DNS, then responding to WPAD requests, as demonstrated using Internet...