Windows Logins And Passwords Leaked Due To Bugs

Share post:

Around 100,000 login names and passwords for Windows domains have been leaked by bugs.

This was due to the incorrect implementation of Microsoft Exchange’s Autodiscover feature, which resulted in Windows credentials being sent to untrusted third-party websites.

Microsoft Exchange uses an Autodiscover feature to automatically configure a user’s email client, such as Microsoft Outlook, using the company’s predefined email settings.

The issue starts when a client cannot successfully authenticate the Autodiscover URL to Microsoft Exchange Server. Microsoft would perform a “back-off” procedure by creating additional URLs.

It is therefore this faulty implementation of the Autodiscover protocol that causes mail clients to authenticate to untrusted domains.

In investigating the problem, Guardicore’s security research AVP, Amit Serper, has identified some methods that organizations and developers could utilize to mitigate these Microsoft Exchange Autodiscover leaks.

These include blocking all Autodiscover.[tld] domains of different organizations, firewall or DNS servers, so that their devices cannot connect to them.

Businesses are also urged to disable Basic authentication as it sends credentials in cleartext.

Software developers are advised to prevent their mail clients from failing upwards when building Autodiscover URLs to ensure they never connect to Autodiscover. [tld] domains.

For more information, read the original story in BleepingComputer.

Featured Tech Jobs



Related articles

Kaspersky uncovers malware targeting iPhones running iOS 15.7 and below

Kaspersky has uncovered a sophisticated malware campaign specifically designed to infect iPhones running up to iOS 15.7 through...

WordPress fixes critical Jetpack plugin vulnerability

WordPress has addressed a critical flaw discovered in the Jetpack plugin, which had the potential to enable authors...

Akamai discovers Dark Frost botnet exploiting gaming platforms

Akamai's security intelligence response team recently has alerted the general public of Dark Frost, a botnet that has...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways