this post was submitted on 26 Jan 2026
12 points (100.0% liked)

Microsoft

561 readers
13 users here now

Welcome to the Microsoft community! This is a place to discuss everything related to Microsoft, including products, services, features, and discussions (e.g., Windows, Surface, 365).

General discussions about Microsoft products, updates, tips, and related topics are welcome. However, for specific technical support, account-related inquiries, advertising questions, and other issues, please direct them to official Microsoft support channels.

Rules

  1. Stay on topic: All posts should be related to Microsoft products, services, or the Microsoft ecosystem.

  2. Respectful discussions: Treat fellow community members with respect and engage in constructive discussions. Avoid personal attacks, harassment, or offensive language.

  3. No support inquiries: Please refrain from posting individual support inquiries or account-related issues. Use official Microsoft support channels for assistance.

  4. No spam or self-promotion: Do not post spam or self-promotional content. This includes links to personal websites, blogs, or products/services.

  5. No illegal content: Do not share or discuss illegal content, including piracy, hacking, or copyright infringement.

  6. No misleading information: Avoid spreading false or misleading information about Microsoft or its products.

  7. No inappropriate content: Do not post or link to any inappropriate or NSFW (Not Safe for Work) content.

  8. No off-topic discussions: Keep the discussions focused on Microsoft products, services, and related topics. Avoid unrelated or off-topic discussions.

  9. No excessive self-promotion: Do not promote products, services, or websites.

founded 2 years ago
MODERATORS
ijeff
12
Odd anomaly caused Microsoft's network to mishandle example.com traffic (arstechnica.com)
submitted 11 hours ago by nemeski@mander.xyz to c/microsoft
1 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] skulblaka@sh.itjust.works 1 points 9 hours ago

"Odd anomaly" you say. Hm. It's Microsoft, so I'm immediately wondering if it's been Slopified.

Let's check the article.

Output from the terminal command cURL shows that devices inside Azure and other Microsoft networks have been routing some traffic to subdomains of sei.co.jp, a domain belonging to Sumitomo Electric.

Well that's a strange error. One that a human probably wouldn't be making by accident.

The new JSON response suggested that, as of Monday morning, Microsoft hadn’t fixed the endpoint routing traffic to the Sumitomo Electric servers. Instead, the JSON response no longer occurs. [...] “It looks like they may have outright removed the endpoint that validates the email, because I’m seeing ‘not found’ errors,” said Dan Tentler, founder of Phobos Group. As denoted by ENOTFOUND, the error “suggests that [Microsoft admins] just ripped out whatever this thing was.”

Oh, so also, nobody knows what the problem really is or how to fix it properly. Hmmmmmm.

It’s unclear how Sumitomo Electric’s domain would have found itself part of this mess. Microsoft last year said the Japanese company’s parent company, Sumitomo Corp., was deploying Microsoft 365 Copilot, but that still doesn’t explain why a subsidiary’s domain was added to Microsoft’s network configuration.

Ah. Yep, there it is. Always the thing you most expect, innit?

If this somehow isn't Copilot ripping open a massive, hemhorraghing security hole, then it's someone inside Microsoft doing this on purpose.

“The result is that anyone who tries to set up an Outlook account on an example.com domain might accidentally send test credentials to those sei.co.jp subdomains.”

I.e. Any inexperienced sysadmin trying to set up a new account may very well accidentally leak their credentials to a (previously) unknown third party via Microsoft's own setup tools.

Regardless which motivation led to this it is yet further proof that Microsoft cannot be trusted with anything.