To save its corporate clients potential security-related headaches down the road, Microsoft has purchased the domain corp.com. First reported by security researcher Brian Krebs, the company confirmed the purchase on Tuesday but didn't say how much it had paid to acquire the domain. It had a $1.7 million starting price when it was first listed in February by a man named Mike O'Connor who had owned it for about 26 years.
Corp.com was a potential security threat waiting to happen thanks to something known as namespace collision, a situation in which there's an overlap between an internal domain name and an address out on the internet. In earlier versions of Windows, the default domain name suggestion for admins setting up the company's Active Directory service was "corp." The issue here was two-fold. First, Microsoft tied the default suggestion to a real address (the current best practice is to direct people to example.com or example.org). Second, a lot of admins just went with the default suggestion instead of changing the setting.
Had someone with less than noble intentions bought the domain, they could have used it to harvest passwords and emails and other sensitive data from Windows PCs in companies where the IT department had used corp.com to set up their internal network. In fact, one of the reasons O'Conner decided to sell the address was because a lot of confused computers were consistently trying to share their data with the domain.
"To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names," a Microsoft spokesperson told ZDNet's Mary Jo Foley. "We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the corp.com domain."
Ultimately, what Microsoft's purchase doesn't solve is the underlying issue of companies tying their internal networks to domains they don't own. As Krebs points out, corporations that do that are opening themselves up to a "similar potential security nightmare."