WebProNews

New Zealand hacker Beau Butler pointed out an ancient (1999) computer bug still posed problems for web browsers all the way up to modern versions. Internet Explorer and Firefox can fall prey to the vulnerability Butler presented to fellow researchers at Kiwicon in November. Microsoft appeared to have been caught unawares by the issue, despite Butler noting it had been exploited in the UK in 2006.

The Sydney Morning Herald said Butler tried reporting in June what he found to Microsoft, but sent his report to the wrong email address.

"The glitch affects the way browser software attempts to automatically configure proxy settings and means millions of PCs around the world are attempting to download configuration information from the Internet instead of their ISP," the report said.

Simply by owning the right domain, an attacker could easily watch as thousands of computers stopped by to pick up malicious configuration information. Butler's experiment in researching the problem could have allowed him to attack over 160,000 PCs in New Zealand.

Butler described Microsoft's renewed, keen interest in fixing this flaw as "freaky outty." Worse for Microsoft, the problem exists in Vista, which they have touted as their most secure operating system.

follow me on Twitter