HOW TO FIX THE MICROSOFT EXCHANGE AUTODISCOVER FLOW?
THESECMASTER
Guardicore Team has uncovered a design-level flaw in Microsoft Exchange Autodiscover, which could result in the leak of millions of usernames and passwords across the globe. In the report, Guardicore Team said that it acquired multiple Autodiscover domains with a TLD suffix, and they have set them up to reach a web server that they control.
1. What Is Microsoft Exchange Autodiscover?
2. How Does Microsoft Exchange Autodiscover Work?
3. How Attackers Exploit Microsoft Exchange Autodiscover Flaw To Capture User Credentials?
4. What Are The Implications Of The Microsoft Exchange Autodiscover Flaw?
5. Who Are The Victims Of The Microsoft Exchange Autodiscover Flaw?
6. How To Fix The Microsoft Exchange Autodiscover Flaw?
6.1. For User or Client:
6.2. For Vendors:
7. Conclusion
Table of Contents :
For User or Client:
1.Autodiscover.com.br – Brazil
2. Autodiscover.com.cn – China
3. Autodiscover.com.co – Columbia
4. Autodiscover.es – Spain
5. Autodiscover.fr – France
6. Autodiscover.in – India
7. Autodiscover.it – Italy
8. Autodiscover.sg – Singapore
9. Autodiscover.uk – United Kingdom
10. Autodiscover.xyz
11. Autodiscover.online
How Attackers Exploit Microsoft Exchange Autodiscover Flaw To Capture User Credentials?
Twitter
LinkedIn
Facebook
FOLLOW US:
Tumblr
Telegram
Medium
THESECMASTER