Microsoft gobbles up corp.com domain to keep it from hackers

Microsoft may have spent nearly $2 million to protect companies from their own flawed networks

Microsoft has purchased the domain corp.com. The company confirmed the purchase on Tuesday but has yet to reveal how much it paid to acquire the domain. When its original owner, Mike O’Connor, first put it up for sale in February, he priced it at a cool $1.7 million. 

So why did Microsoft potentially pay nearly $2 million for this domain? It was a security threat waiting to happen, and gobbling it up was the only way to keep it in safe hands. 

The security issues are related to a namespace collision, which is when there's an overlap between an internal domain name and an address on the internet. The corp.com domain was a potential security threat because earlier versions of Windows presented admins with “corp” as the default domain name suggestion when setting up a company's Active Directory service. 

Advertisement - Article continues below

Had someone other than Microsoft purchased the domain, they could have leveraged it to harvest sensitive data from Windows devices with the default “corp.com” setting.

"To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names," a Microsoft spokesperson shared. "We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the corp.com domain."

Advertisement
Advertisement - Article continues below

Wisconsin native Mike O’Connor purchased corp.com 26 years ago and has done little with it. He was well aware of the security risks the domain presented for Windows users and hoped, in the end, Microsoft would do right by its users and purchase the domain.

Ultimately, what Microsoft's purchase of the corp.com domain fails to solve is the issue of companies tying their internal networks to domains they don't own. As long as they continue this unsafe tactic, these companies leave the door open to a potential security nightmare.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Most Popular

Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
Visit/security/cyber-security/355797/microsoft-bans-trend-micros-rootkit-buster-from-windows-10
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020
Visit/security/ransomware/355811/how-can-organisations-protect-themselves-from-nas-ransomware-attacks
ransomware

How can organisations protect themselves from NAS ransomware attacks?

28 May 2020