HOW TO FIX THE MICROSOFT EXCHANGE AUTODISCOVER FLOW?

THESECMASTER

Guardicore Team has uncovered a design-level flaw in Microsoft Exchange Autodiscover, which could result in the leak of millions of usernames and passwords across the globe. In the report, Guardicore Team said that it acquired multiple Autodiscover domains with a TLD suffix, and they have set them up to reach a web server that they control.

THESECMASTER

1. What Is Microsoft Exchange Autodiscover?
2. How Does Microsoft Exchange Autodiscover Work?
3. How Attackers Exploit Microsoft Exchange Autodiscover Flaw To Capture User Credentials?
4. What Are The Implications Of The Microsoft Exchange Autodiscover Flaw?
5. Who Are The Victims Of The Microsoft Exchange Autodiscover Flaw?
6. How To Fix The Microsoft Exchange Autodiscover Flaw?
6.1. For User or Client:
6.2. For Vendors:
7. Conclusion

Table of Contents :

THESECMASTER

For User or Client:

1.Autodiscover.com.br – Brazil
2. Autodiscover.com.cn – China
3. Autodiscover.com.co – Columbia
4. Autodiscover.es – Spain
5. Autodiscover.fr – France
6. Autodiscover.in – India
7. Autodiscover.it – Italy
8. Autodiscover.sg – Singapore
9. Autodiscover.uk – United Kingdom
10. Autodiscover.xyz
11. Autodiscover.online

How Attackers Exploit Microsoft Exchange Autodiscover Flaw To Capture User Credentials?

THESECMASTER

Twitter

LinkedIn

Facebook

FOLLOW US:

Tumblr

Telegram

Medium

THESECMASTER