Microsoft Buys ‘Dangerous’ Domain to Protect Customer Security

Posted on April 7, 2020 by Mehedi Hassan in Windows with 7 Comments

Microsoft may have just spent millions on a new domain. The company today confirmed it has purchased the domain name in an effort to protect customer security, reports KrebsOnSecurity.

The reason behind the purchase is actually quite fascinating. is considered a dangerous domain by security experts, mainly because of an issue with how Microsoft’s Active Directory feature worked in older versions of Windows.

The owner of the domain, Mike O’Connor, who purchased the domain 26 years ago, started auctioning the domain back in February for–wait for it–$1.7 million. Microsoft confirmed the company has purchased the domain, but it wouldn’t disclose exactly how much it spent. It’s likely the company spent more than the $1.7 million starting price.

KrebsOnSecurity reported the issue with and Active Directory back in February.

The problem is actually pretty interesting from a networking point of view. As KrebsOnSecurity explains, earlier versions of Windows that supported Active Directory had set “corp” as the default path, and many companies apparently started using the name without changing it to a domain that they actually owned. And that means whoever had access to could possibly intercept the requests coming in from these organizations, and steal sensitive data. The problem is much deeper and complicated than that, of course.

Microsoft has released Windows updates in the past to help against such issues, but it’s now buying the to completely protect organizations who use “corp” on Active Directory.

“To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names. We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the domain,” a Microsoft spokesperson said.

Tagged with , ,

Join the discussion!


Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Comments (7)

7 responses to “Microsoft Buys ‘Dangerous’ Domain to Protect Customer Security”

  1. simont

    Typo - 26 hours should be 26 years

  2. ezab

    The company today confirmed it has purchased the domain name in an effort to protect customer security, reports KerbsOnSecurity.


  3. ngc224

    Really, Paul? You just delete comments you don’t like?