Fix WPAD Vulnerability by Changing Host File with SCCM

It was a bit more diffcult than I thought, originally I was using compliance settings, but then it didn’t work so well. So I go back to the classic application deployment by SCCM.

Here is the detection method:

# WPAD Vulnerability Remediation Discover Script
# Rui Qiu
# v 2.0
# 4/5/2018
# Last edit: 4/11/2018

$i = 0
$results = Select-String -Path $env:SystemRoot\System32\Drivers\etc\hosts -Pattern wpad
foreach($result in $results)

# Write-Host $results
if ($i -eq 2 )
{Write-Host “Installed”}


Because some workstations are still on Powershell 2.0, so I have to use a Hosts Commander to remove and add wpad entries.

Install-Module PsHosts
Remove-HostEntry wpad*

Add-HostEntry -Address -Name wpad
Add-HostEntry -Address -Name wpad.corp.lan

Here is the batch file command:

hosts.exe rem wpad*
hosts.exe add wpad
hosts.exe add wpad.corp.lan

Leave a Reply