This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Microsoft becomes third company to suffer compromise via malicious website visit

Share this article:
Microsoft fixes Internet Explorer and 'blue screen of death' vulnerabilities on Patch Tuesday
Microsoft fixes Internet Explorer and 'blue screen of death' vulnerabilities on Patch Tuesday

Microsoft has confessed that it has fallen victim to the same attack as both Facebook and Apple.

In a blog post, Matt Thomlinson, general manager of Microsoft's Trustworthy Computing Security, said that Microsoft can confirm that it also recently experienced a similar security intrusion to the internet giants.

He said: “Consistent with our security response practices, we chose not to make a statement during the initial information gathering process. During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organisations. We have no evidence of customer data being affected and our investigation is ongoing.”

The incident is extremely similar to the one suffered by Facebook, who discovered that its systems had been targeted in a sophisticated attack when some employees visited a mobile developer website that had been compromised, and Apple, whose employees had visited a website for software developers that had been infected with malicious software.

Web development company iPhoneDevSDK shouldered the responsibility for the Facebook compromise, with administrator Ian Sefferman saying that it was alerted to the fact that its site was "part of an elaborate and sophisticated attack whose victims included large internet companies" and prior to media attention, it had no knowledge of the breach and hadn't been contacted by Facebook, any other company, or any law enforcement about the potential breach.

Thomlinson said: “This type of cyber attack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries. We continually re-evaluate our security posture and deploy additional people, processes and technologies as necessary to help prevent future unauthorised access to our networks.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

NCA wants security pros to become cybercrime fighters

NCA wants security pros to become cybercrime fighters

The UK's National Crime Agency is on the hunt for cyber security professionals to "join the fight against some of the world's most significant cyber criminals" on salaries ranging from ...

GCHQ head says agency was 'never involved in mass surveillance'

GCHQ head says agency was 'never involved in ...

Sir Iain Lobban says GCHQ staff "are normal decent human beings who watch EastEnders and Spooks".

Apple Mac OS criticised for sending search results to third parties

Apple Mac OS criticised for sending search results ...

Apple is under pressure to make changes to the Spotlight feature on the new Mac OS X Yosemite 10.10, which tracks location and sends data back to the firm and ...