Thursday 28 April 2011

WPAD DNS address not resolving?

Have you been caught out after creating your WPAD DNS alias and it doesn't resolve?

This one caught me out since we decided to roll out auto-discovery for web proxies for Mac OS X. We are using ISA Server 2006 Standard Edition, and to enable WPAD via DNS you need to create a DNS alias that points to the server hosting your PAC file.

If you added your DNS alias after applying the security patch for MS09-008, you might discover that the DNS name does not resolve. This is because that Microsoft security patch for DNS and WINS added wpad to a new GlobalQueryBlockList, which was introduced to help prevent a man-in-the-middle attack. For more information, please refer to MS09-008.

To fix this issue, you will need to edit the registry on all your name servers and restart your DNS service. This is detailed in 'Changes to DNS server behavior after you install the security update for DNS servers' (KB968732).
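
Before changing anything, it helps to confirm on each name server that the block list really is what stops the alias from resolving, and that a deliberately created wpad record exists. The audit below is an added example, not part of the original post; it only reads state and changes nothing. It assumes the DnsServer PowerShell module (Windows Server 2012 or later, or RSAT), which is newer than the servers the post describes, and the server and zone names are constructed placeholders.

```powershell
# Added example: read-only audit of the global query block list per DNS server.
# Assumptions: DnsServer module is available; server and zone names are constructed.
Import-Module DnsServer

$DnsServers = 'dns01.corp.example.com', 'dns02.corp.example.com'   # constructed names
$Zone       = 'corp.example.com'                                   # constructed zone

function Test-WpadBlocked {
    param([bool]$Enabled, [string[]]$List)
    # A name is blocked only when the feature is on AND the label is listed.
    # -contains is case-insensitive, matching how DNS labels are compared.
    return ($Enabled -and ($List -contains 'wpad'))
}

$report = foreach ($server in $DnsServers) {
    # Block list state as this particular server sees it (the setting is per server).
    $gqbl = Get-DnsServerGlobalQueryBlockList -ComputerName $server

    # Is there a wpad record in the zone that an administrator created on purpose?
    $record = Get-DnsServerResourceRecord -ComputerName $server -ZoneName $Zone `
                  -Name 'wpad' -ErrorAction SilentlyContinue

    # Query this server directly so a client-side cache cannot mask the result.
    $answer = Resolve-DnsName -Name "wpad.$Zone" -Server $server -DnsOnly `
                  -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Server           = $server
        BlockListEnabled = $gqbl.Enable
        BlockList        = $gqbl.List -join ','
        WpadBlocked      = Test-WpadBlocked -Enabled $gqbl.Enable -List $gqbl.List
        WpadRecordType   = if ($record) { ($record.RecordType | Select-Object -Unique) -join ',' } else { 'none' }
        Resolves         = [bool]$answer
    }
}

$report | Format-Table -AutoSize

# Servers where the record exists but is masked by the block list: these are the
# ones the registry change from KB968732 applies to.
$report | Where-Object { $_.WpadBlocked -and $_.WpadRecordType -ne 'none' -and -not $_.Resolves }
```

A server that reports `WpadBlocked` as true with no wpad record is still protected by the block list; create and verify the intended record first, so that the name is already claimed when the block is lifted.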