This Week Health
Alex's Lemonade Stand This Week Health
<- Back to Insights
June 20, 2024

Microsoft Refused to Fix Flaw Years Before SolarWinds Hack

ProPublica
|
Contributed by: Drex DeFord
Summary
Andrew Harris, a cybersecurity expert hired by Microsoft, discovered a significant flaw in Microsoft’s cloud login product in 2016, revealing a vulnerability that allowed attackers to impersonate legitimate users without raising alarms. Despite Harris’s repeated warnings, Microsoft delayed fixing the issue due to potential financial risks and concerns about losing a lucrative federal contract. The flaw was eventually exploited in the SolarWinds hack by Russian operatives, affecting federal agencies and other entities. Harris, frustrated by the company's inaction, left Microsoft and later publicly criticized the company’s handling of the flaw. Microsoft's security culture and business priorities were later scrutinized in light of these events, culminating in congressional testimony and delayed security measures.

Explore Related Topics

Subscribe Now to Receive Seven Top Stories Daily to Your Inbox

Subscribe News
Healthcare Transformation Powered by Community

© Copyright 2024 Health Lyrics All rights reserved