Confirming the claims by KrebsOnSecurity, a blog run by known journalist and security researcher Brian Krebs, Microsoft Corporation has said that it has bought corp.com domain. Without disclosing the sum involved in the deal, the company said that this move will prevent cybercriminals from abusing the domain that will, in turn, keep its customers safe. The blog claims that Microsoft bought the domain from Wisconsin-based Mike O’Connor, who purchased it 26 years ago.
‘To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names. We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the corp.com domain,’ ZDNet quoted a Microsoft spokesperson as saying.
Experts dub the corp.com domain dangerous because the owner of the domain has access to ‘an unending stream of passwords, email and other sensitive data from hundreds of thousands of Microsoft Windows PCs at major companies around the globe.’ Mike O’Connor said that he hoped Microsoft would buy it someday because ‘hundreds of thousands of confused Windows PCs are constantly trying to share sensitive data with corp.com’.
But how do people share sensitive data with the domain? The answer is ‘namespace collision’. According to Krebs, this is ‘a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet.’ This happened due to an issue in earlier versions of Windows.
Older versions of Windows had ‘corp’ as the default domain name suggestion for admins setting up the company's Active Directory service. Microsoft linked the default suggestion to a real address, and since a majority of admins go ahead with the default suggestion, data from Windows PCs were sent to corp.com. Had Mike O’Connor sold the domain to someone who intended to use the data for criminal acts, a lot of firms would have been exposed to a great cyber threat.