Posts about:
Social media exploded when an ISV who specializes in security released a blogpost about a vulnerability they found in Autodiscover, the protocol that is used by mailclients to discover Exchange configuration and configure themselves. Outlook is the client that uses Autodiscover the most, but mobile clients and third party applications can use Autodiscover as well.
In an earlier blog post I wrote about Autodiscover changes, especially when using Outlook 2016 Click-to-Run.
Autodiscover was first introduced in Exchange 2007 and Outlook 2007 to quickly configure Outlook profiles, based on only the username and password. Outlook connects to the Exchange server, you enter your email address and password, and the Exchange server returns an XML package that Outlook uses to create or change its profile. The first implementation of Autodiscover was in Exchange 2007, but it is still used in Exchange 2019. Of course, there have been some improvements over the years, both in Exchange server as well as in Outlook, but overall the mechanism is the same.