![]() ![]() ![]() However, because of a design issue that has been highlighted in the past as well, the protocol can end up searching for the configuration on external domains that are or can be registered by anyone. To do this, they rely on a remote configuration file hosted on what is intended to be a company domain. The goal of Microsoft’s Autodiscover protocol for Exchange is to help client applications to configure their connection to Exchange automatically. The risk is significantly higher for devices that are used outside of corporate networks, a common scenario during the pandemic. Security researchers warn that a design issue in how the Microsoft Exchange Autodiscover feature works can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |