Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials

Discussion in 'News Aggregator' started by Ravie Lakshmanan, 24 Sep 2021.

  1. An unpatched design flaw in the implementation of Microsoft Exchange's Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. "This is a severe security issue, since if an attacker can control such domains or has the ability to 'sniff' traffic in the same network, they can capture domain credentials in plain text (HTTP[​IMG]

    Continue reading...
     

Share This Page

Loading...