Secret Microsoft database of unfixed vulnerabilities hacked in 2013

Wednesday, 18 October 2017, 05:10:53 AM. Hackers broke into a secret Microsoft database containing information about critical and unfixed vulnerabilities in Windows and other popular software in 2013, former employees disclose.
Microsoft Corp's secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking group more than four years ago, according to five former employees, in only the second known breach of such a corporate database. The company did not disclose the extent of the attack to the public or its customers after its discovery in 2013, but the five former employees described it to Reuters in separate interviews.  Microsoft declined to discuss the incident. The database contained descriptions of critical and unfixed vulnerabilities in some of the most widely used software in the world, including the Windows operating system. Spies for governments around the globe and other hackers covet such information because it shows them how to create tools for electronic break-ins. 'Bad guys with inside access to that information would literally have a "skeleton key" for hundreds of millions of computers around the world.' - Eric Rosenbach, former U.S. deputy assistant secretary of defense for cyber The Microsoft flaws were fixed likely within months of the hack, according to the former employees. Yet speaking out for the first time, these former employees as well as U.S. officials informed of the breach by Reuters said it alarmed them because the hackers could have used the data at the time to mount attacks elsewhere, spreading their reach into government and corporate networks. "Bad guys with inside access to that information would literally have a...Read more
Share this

    You might also like