Well in my case (and a lot of other people), 192.168.1.1 is the local address of my home router. So if I go to microsoft.com I have a 1 in 7 chance of getting my home router instead (if I ignore the certificate warning). Other random breakage will happen depending on what that local address is assigned to for you.
In theory this could be leveraged for hacking, but I think that would require setup in advance.
yep. If a hacker can somehow control 192.168.1.1 or 192.168.0.1 they get access to your microsoft.com cookies at least. I'm sure there are more microsoft specific ways to leverage this too (e.g. data/updates hosted on microsoft.com that misuse HTTPS as a poor man's authentication. The curl | sh crowd are especially susceptible to this problem.)
In theory this could be leveraged for hacking, but I think that would require setup in advance.