Friday, November 15, 2024
Advertisement
  1. You Are At:
  2. News
  3. Technology
  4. Microsoft wants to remain safe from hackers; gets new domain Corp.com

Microsoft wants to remain safe from hackers; gets new domain Corp.com

Microsoft gets a new domain to fight hackers from hacking Windows. Read on to know more

Reported by: IANS New Delhi Published on: April 08, 2020 11:28 IST
microsoft, microsoft buys corp.com, microsoft prevents windows from hackers, security, hacking, tech
Image Source : AP

Microsoft wants to solve 'namespace collision' problem

Microsoft Corporation has agreed to buy the domain corp.com from a private owner for an undisclosed sum, in an effort to prevent cybercriminals from abusing it owing to a problem known as "namespace collision".

According to KrebsOnSecurity, a blog run by journalist Brian Krebs, Microsoft has bought the domain from its Wisconsin-based owner Mike O'Connor "in a bid to keep it out of the hands of those who might abuse its awesome power".

"We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the Corp.com domain," the company said in a statement.

Mike bought corp.com 26 years ago and hoped Microsoft would buy it someday because "hundreds of thousands of confused Windows PCs are constantly trying to share sensitive data with corp.com".

The "namespace collision" is a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet.

"Early versions of Windows actually encouraged the adoption of insecure settings that made it more likely Windows computers might try to share sensitive data with corp.com," said the report.

In February this year, KrebsOnSecurity told the story of Mike auctioning off domain corp.com for the starting price of $1.7 million. However, he did not declare how much Microsoft finally paid him for corp.com.

Domain security experts call corp.com dangerous because whoever has it would have access to an "unending stream of passwords, email and other sensitive data from hundreds of thousands of Microsoft Windows PCs at major companies around the globe".

Windows computers on an internal corporate network validate other things on that network using a Microsoft innovation called ‘Active Directory'. A core part of the way these things find each other involves a Windows feature called "DNS name devolution".

In early versions of Windows that supported ‘Active Directory, the default or example Active Directory path was given as "corp," and many companies apparently adopted this setting without modifying it to include a domain they controlled.

"In practical terms, this means that whoever controls corp.com can passively intercept private communications from hundreds of thousands of computers that end up being taken outside of a corporate environment which uses this "corp" designation for its Active Directory domain,' the Krebs report elaborated.

Over the years, Microsoft has released several software patches to help tackle "namespace collisions".

Latest technology reviews, news and more

Advertisement

Read all the Breaking News Live on indiatvnews.com and Get Latest English News & Updates from Technology

Advertisement
Advertisement
Advertisement
Advertisement