Add Microsoft To List of Hacked US Companies: Similar Security Breach As Facebook and Apple
Microsoft has just joined the small list of companies that have experienced a cyberattack this past month, made all the more interesting due to the fact that it's the same one that Apple and Facebook suffered. Compared to Facebook's informative post, Microsoft's could be considered minimal, with the bulk of what's important seen below:
"Consistent with our security response practices, we chose not to make a statement during the initial information gathering process. During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected and our investigation is ongoing."
While Java was not explicitly mentioned, the fact that Microsoft mentions both Apple and Facebook leads us to believe that an identical attack using a zero-day Java exploit was used. Fortunately though, like Apple and Facebook, it appears that no one got off with any important information from Microsoft, which might make this one of the more unsuccessful wide-reaching cyberattacks we've seen to date.
Attacks like these are not unique to big corporations, however. This particular Java exploit (since patched) could have been trigged by anyone who visited the correct website. It goes without saying that keeping up-to-date on your software is very important, and as I mentioned a couple of weeks ago, it'd be a great time to evaluate whether or not you actually need all of the software installed that you have, especially Java.