Microsoft buys Corp.com to keep it out of the hands of bad buys

Microsoft finally owns the Corp.com domain. Microsoft did not buy this domain to launch a new product or service, instead it wanted to keep the domain out of the hands of bad buys. Microsoft bought this domain from Wisconsin native Mike O’Connor for about $1.6 million.

Corp.com domain receives sensitive data from hundreds of thousands of Windows PCs. This is because “corp” is the default Active Directory domain name in Windows Server 2000. Organizations can modify this path, but many organizations did not. So, when “corp” is the default Active Directory domain name, if employees in that organization try to access it within the company network, there won’t be any problem. But if the employee tries to access the corp path in a public network, Windows will try to resolve \\corp\ as corp.com public domain because of the way DNS name devolution works.

Microsoft offered the following statement in response to the acquisition of Corp.com domain.

“To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names. We released a security advisory in June of 2009 and a security update that helps keep customers safe. In our ongoing commitment to customer security, we also acquired the Corp.com domain.”

Source: KerbsOnSecurity