A fundamental design flaw in the way that Windows obtains proxy settings makes the operating system vulnerable to attack.
Security
company IOActive told the ShmooCon hacker conference that an attacker
with access to a network could insert a malicious proxy and see all the
traffic.
Chris Paget, director of research and development at
IOActive told the converence that it was easy for a hacker to become a
proxy server without a company knowing about it.
According to News.com,
the problem is caused because Internet Explorer on Windows PCs by
default searches for a proxy server using the Web Proxy Autodiscovery
Protocol, or WPAD.
An attacker can register a proxy server on a
network using the Windows Internet Naming Service, or WINS, and other
network services including the Domain Name System, or DNS. the first
thing IE does when IE starts up is ask the network where its proxy
server is and a hacker only has to show it where to go.
Microsoft has acknowledged that there is a problem.
More here