Microsoft Tuesday was still examining the details of a vulnerability discovered by a hacker that appears to exploit an eight-year-old flaw in Windows. So far, the company has not announced plans for a patch. In addition, the company would not confirm that the issue is based on a vulnerability first discovered in 1999 in the Web Proxy Autodiscovery Protocol (WPAD) in Windows. Nor would the company commit to the fact that any fix is under development.
Mark Miller, director of security response for Microsoft, said in a statement,