Thousands of Windows credentials leaked in Microsoft Exchange Autodiscover bug

Don Sharpe
  • Security experts have discovered a design flaw in the Microsoft Exchange email server.
  • The bug is capable of harvesting important credentials.
  • The bug resides in the Microsoft Autodiscover protocol.

It would seem that Microsoft users continue to have woes when it comes to email-related issues. Just the other day, a bug was reported in Outlook. Now comes the latest one.

According to security researchers, the design flaw is in the Microsoft Exchange email server, and it gives attackers a way to harvest Windows domain and app credentials from users.

Protocol

Amit Serper of AVP discovered the bug. After close investigation, it was found to reside in the Microsoft Autodiscover protocol, a feature that allows automatic email server discovery and provides credentials for proper configuration.

The protocol is considered crucial: it lets admins ensure that clients use the proper SMTP, LDAP, IMAP and WebDAV settings, among others.

Back-off mechanism is the cause

Serper affirms that the back-off mechanism is the cause of the leak, as it always attempts to resolve the autodiscover part of the domain. That attempt always fails, so the automatically created Autodiscover URL reaches the owner of the domain.
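Defenders can look for this back-off in DNS or proxy logs. The sketch below is an added example, not code from the article or from Serper's research. It assumes the back-off ends at a host of the form autodiscover.<TLD>, a detail the article does not spell out, and the log format, domains and suffix list are constructed.

```python
# Added example: flag DNS lookups that match the Autodiscover back-off leak.
# Log format, domain names and the suffix list are constructed for illustration.
# Assumption: the back-off ends at a host named autodiscover.<TLD or public suffix>.

OWNED_DOMAINS = {"corp.example"}            # assumption: the organisation's mail domains
MULTI_LABEL_SUFFIXES = {"co.uk", "com.br"}  # assumption: small sample, not a full suffix list

SAMPLE_DNS_LOG = """\
2000-01-01T08:01:02Z 10.0.0.15 autodiscover.corp.example
2000-01-01T08:01:03Z 10.0.0.15 Autodiscover.example.
2000-01-01T08:01:09Z 10.0.0.22 autodiscover.co.uk
2000-01-01T08:02:10Z 10.0.0.31 autodiscover.partner.test
2000-01-01T08:02:11Z 10.0.0.31 www.corp.example
"""


def classify(qname, owned=OWNED_DOMAINS):
    """Return None, 'owned', 'backoff-leak' or 'third-party' for a queried name."""
    host = qname.rstrip(".").lower()
    first, _, rest = host.partition(".")
    if first != "autodiscover" or not rest:
        return None
    if any(rest == d or rest.endswith("." + d) for d in owned):
        return "owned"
    # Remainder is a bare TLD or a public suffix: the organisation does not
    # control this host, so credentials sent to it go to whoever registered it.
    if "." not in rest or rest in MULTI_LABEL_SUFFIXES:
        return "backoff-leak"
    return "third-party"


def scan(log_text, owned=OWNED_DOMAINS):
    """Return (timestamp, client, host, verdict) tuples for lookups that need review."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines instead of failing the whole scan
        ts, client, qname = parts
        verdict = classify(qname, owned)
        if verdict in ("backoff-leak", "third-party"):
            findings.append((ts, client, qname.rstrip(".").lower(), verdict))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_DNS_LOG):
        print(*finding)
```

Clients that produce a `backoff-leak` finding are the ones to reconfigure first, and the flagged hostnames are candidates for blocking at the resolver or firewall.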

All captured credentials arrived over HTTP with no encryption whatsoever. Serper advises users to use more secure forms of authentication such as NTLM and OAuth.

Microsoft is investigating the issue and will revert in due course.

What do you make of the latest bugs dominating emails? Are there ways you are protecting yourself from such vulnerabilities? Share with us in the comment section below.