MicrosoftAriaUpdated Thanks for the clarification although it sort of confirms the confusion. I've been told the opposite by a MS PFE whom I know and have reason to trust: that this is about how the proxy authenticates, not the mechanism by which it is configured. And yet your description is the one that makes sense to me. The exploit is that a user-space proxy can be altered by a non-privileged user and thus spoofed ... how that proxy authenticates is irrelevant.
I looked for official docs on system vs user proxies and didn't come up with anything other than 'how to configure a proxy with GPO' and the like. So if you have docs handy to help clarify that'd be great.
In short, I don't think the terms 'system proxy' or 'user proxy' have any universally agreed upon definition and it would be wise to further clarify how you are using those terms in the post. I'm seeing wide amounts of confusion surrounding how to know if your org is going to be impacted or not. There's both an incredible amount of organizations using non-HTTPS WSUS (it's always been the default) and using proxies (almost universal in large orgs).
