Hello. My name is Tim Rains and I work on the Security Response Communications Team at Microsoft. My team works to provide communications around security response to our customers through the MSRC Blog and other types of communications vehicles.
I want to let you know that we have just posted Microsoft Security Advisory 945713, which provides information about a vulnerability in the way Microsoft Windows XP SP2, Windows Server 2003 SP1, Windows Server 2003 SP2 and Windows Vista find a Web Proxy Automatic Discovery (WPAD) server. This vulnerability also affects supported versions of Internet Explorer.
At this time, we are not aware of attacks attempting to use the reported vulnerability, but we will continue to track this issue. The advisory contains several mitigations that customers can use to help protect themselves from attackers.
We will continue to monitor the situation and post updates to the advisory and the MSRC Blog as we become aware of any important new information.
*This posting is provided “AS IS” with no warranties, and confers no rights.*