Kiwicon hacker demo exposes serious Windows flaw

Hole could allow millions of PCs to be hijacked

A demonstration at the Kiwicon hacker conference in Wellington earlier this month has exposed a serious Windows security flaw.

The Age newspaper, in Melbourne, reports the flaw forced Microsoft engineers to work furiously through the US Thanksgiving holiday to develop a fix. It was discovered by New Zealand-based ethical hacker Beau Butler.

"This whole presentation came about from me telling a story to a bunch of my computer security friends down the pub one night," Butler told The Age. "They basically said, 'You're going to have to step up and talk about that'."

Butler found that 160,000 computers in New Zealand alone were vulnerable, and could have been hijacked. Computers in the US were not vulnerable.

Butler notified Microsoft of the issue and The Age held back on publication until after the fix was delivered.

The security issue was with Windows Proxy Autodiscovery (WPAD) functionality.

Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Microsoft, beau butler, kiwicon, Security ID
All whitepapers

Heartbleed bug is irritating McAfee, Symantec, Kaspersky Lab

MORE IN Storage
Sign up now to get free exclusive access to reports, research and invitation only events.

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in New Zealand