A "design flaw" in Microsoft Exchange's Autodiscover protocol allowed researchers to access 372,072 Windows domain credentials and 96,671 unique sets of credentials from applications such as Microsoft ...