Recently, Microsoft was hit along with various other major companies in an unprecedented cyberattack, most likely perpetrated by a hostile state actor. The attackers exploited vulnerabilities in SolarWinds software, which resulted in targets, primarily in the United States, having data compromised.
In a blog post on Microsoft's website, the company elaborated on its findings, noting that customer data was not compromised in the attack, and that access to Microsoft's systems were not used to further other attacks to secondary targets.
Microsoft also elaborated that unspecified source code repositories may have been viewed as a result of the attack. Microsoft also claims that its security model reduces the risk of vulnerabilities, noting that merely from viewing source code does not create "elevated risk," as the company operates internally using an "open source-like culture."
Whether the SolarWinds hack will be used to attack Microsoft's customers across Windows, Microsoft 365, or Azure remains to be seen. Despite Microsoft's claims, exposing any particular source code to a hostile agent may contribute to future exploits, particularly if the attacks are indeed emerging from a state-funded source.
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Jez Corden a Managing Editor at Windows Central, focusing primarily on all things Xbox and gaming. Jez is known for breaking exclusive news and analysis as relates to the Microsoft ecosystem while being powered by caffeine. Follow on Twitter @JezCorden and listen to his Xbox Two podcast, all about, you guessed it, Xbox!