A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers.

Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text. Guardicore security researcher Amit ...

Shipping companies, power plants and investment banks don't often share much in common, but new research shows they are all inadvertently leaking thousands of email passwords of their own employees, ...

Microsoft is rushing to register Internet domains used to steal Windows credentials sent from faulty implementations of the Microsoft Exchange Autodiscover protocol. On Monday, Guardicore's Amit ...

A "design flaw" in Microsoft Exchange's Autodiscover protocol allowed researchers to access 372,072 Windows domain credentials and 96,671 unique sets of credentials from applications such as Microsoft ...

Autodiscover works great on user's local machines (desktops, laptops, etc) on the internal LAN. However I've got a Terminal Server with Outlook 2010 installed that Autodiscover fails every time you ...

Got a strange one. Exchange 2010 RTM on Windows Server 2008 R2, single server environment (Exchange on a DC, no less) migrated from 2003 (I wasn't the one who did the migration, so I don't know what ...