The research of Yang Yu, founder of Tencent's Xuanwu Lab, has helped Microsoft patch a severe security issue in its implementation of the NetBIOS protocol that affected all Windows versions ever released.
Yu says an attacker can leverage this vulnerability to pose as a WPAD or ISATAP server and redirect all of the victim's network traffic through a point the attacker controls.
By network traffic, Yu refers to all traffic, not just Web HTTP and HTTPS. This includes OS updates, software upgrades, Certificate Revocation List updates via Microsoft's Crypto API, and other OS maintenance operations.
"It does not require the attacker [to] reside in the same network," Yu writes in a technical preview offered to Softpedia. "The attack can even succeed when there are firewall and NAT devices in between."