#SOLARWINDS EXPLOIT CODE#
Typically, source code is viewable by teams within Microsoft, according to the blog.
#SOLARWINDS EXPLOIT SOFTWARE#
Microsoft says they rely on “open source software development best practices” and “an open source-like culture” for development of software. Microsoft says “this activity has not put at risk the security of our services or any customer data,” but adds they believe this attack was carried out by “a very sophisticated nation-state actor.” The company says that there’s no evidence that its systems were used to attack others. Hackers could use this information to exploit any potential weakness in the programmes. Source code is the key to how a software product is built and if compromised could leave it open to new, unknown risks. However, the fact that the hackers got in so deep is quite worrying, given source code is crucial to how any piece of software works. Microsoft has not confirmed what source code was accessed by the hackers. “These accounts were investigated and remediated,” adds the company. The company says so far the investigation confirmed no changes were made to this source code. “We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories.” According to the post, the account did not have required permissions to access the code, to modify it, nor was it authorised to access the engineering systems.
0 kommentar(er)
