Microsoft gobbles up corp.com domain to keep it from hackers

Microsoft may have spent nearly $2 million to protect companies from their own flawed networks

Microsoft logo suspended above a conference floor

Microsoft has purchased the domain corp.com. The company confirmed the purchase on Tuesday but has yet to reveal how much it paid to acquire the domain. When its original owner, Mike O’Connor, first put it up for sale in February, he priced it at a cool $1.7 million. 

So why did Microsoft potentially pay nearly $2 million for this domain? It was a security threat waiting to happen, and gobbling it up was the only way to keep it in safe hands. 

The security issues are related to a namespace collision, which is when there's an overlap between an internal domain name and an address on the internet. The corp.com domain was a potential security threat because earlier versions of Windows presented admins with “corp” as the default domain name suggestion when setting up a company's Active Directory service. 

Had someone other than Microsoft purchased the domain, they could have leveraged it to harvest sensitive data from Windows devices with the default “corp.com” setting.

"To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names," a Microsoft spokesperson shared. "We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the corp.com domain."

Wisconsin native Mike O’Connor purchased corp.com 26 years ago and has done little with it. He was well aware of the security risks the domain presented for Windows users and hoped, in the end, Microsoft would do right by its users and purchase the domain.

Ultimately, what Microsoft's purchase of the corp.com domain fails to solve is the issue of companies tying their internal networks to domains they don't own. As long as they continue this unsafe tactic, these companies leave the door open to a potential security nightmare.

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Roadmap 2021: What’s coming from 3CX
Advertisement Feature

Roadmap 2021: What’s coming from 3CX

30 Mar 2021