Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Admits To Being Hacked Too

Posted by samzenpus on from the join-the-crowd dept.

colinneagle writes "Once upon a time, Microsoft claimed that falling prey to social engineering tactics and then being hacked was a 'rookie mistake.' But now is the time for companies to jump on the bandwagon, to admit they were targeted by cyberattacks and successfully infiltrated. The stage is so crowded with 'giants' at this point, that there are fewer 'bad press' repercussions than if only one major company had admitted to being breached. Microsoft now admitted, hey we were hacked too. 'As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion,' wrote Matt Thomlinson, General Manager of Microsoft's Trustworthy Computing Security. Unlike the New York Times and the Wall Street Journal there was no mention of Chinese hackers."

6 of 92 comments (clear)

  1. The problem with Chinese hackers... by Chris+Mattern · · Score: 5, Funny

    ...an hour later and you're losing data again!

  2. Re:Let's be honest by catmistake · · Score: 5, Informative

    Except that it has NOTHING to do with OS X security. This is all Oracle software that has the issue, software that Apple no longer distributes nor supports. If you don't run Oracle software, you won't be affected. Interestingly, even if you do have the software installed, and it isn't used after 31 days, OS X automatically disables it.

    Again, this has zero to do with OS X security. This is all about end user installed software, provided and supported by Oracle.

    --
    The Admin and the Engineer
  3. Re:It was Macs at Microsoft by ThomasBHardy · · Score: 5, Interesting

    "During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations."

    Let's disect this, shall we?
    "A small number of computers" of OS type undisclosed, therefore it included Windows machines or else MS would have specifically called out the faults of others to safe face and made it clear that none were running it's flagship operating system.

    "including some in our Mac business unit" of OS type undisclosed, therefore it included Windows machines or else they would have called out OSX by name.

    For all we know there were 78 machines compromised (a small number compared to the number of machines at all of Microsoft, and of those only 2 were in the Mac business unit. the statement reads as true but deflects the maximum amount of blame away by implying that it's a Mac issue. .

    --
    Warning: Teh poster of this messaeg is lysdexic
  4. Re:It was Macs at Microsoft by ILongForDarkness · · Score: 4, Interesting

    I got into a bit of a flame war back and forth with a guy when the Java vulnerability first appeared. He said it would only affect PCs since viruses don't work on Mac or Linux. I called bs he responded with "they use different filesystems, learn something before spewing off at the mouth." To which I replied: 1) this is a browser based attack and 2) do you think a hacker can't figure out /home/bob rather than \Users\bob? My God the things people come up with. All three platforms now have a request for elevation kind of mechanism that is supposed to protect you. The problem is for 90% of users a UNC prompt or its mac/linux equivalent pops up and they click ok. To most users the fingers go in the ears as soon as you try to explain the risks and what is happening and they just ask "So what do I need to click to continue?" This is more a mental problem then a technological one and I don't see any likely solution. Sandboxing like Win 8 Modern can help where you at least in theory make no app able to see each other directly or even the whole of the filesystem but there are just too many use cases where being able to browse all the filesystem, one app needs to get something from anothers space etc that are needed.

  5. Re:It was Macs at Microsoft by benjymouse · · Score: 5, Informative

    It wasn't just the Macs. This was an attack on the Oracle java browser plugin, not an attack on a specific platform.

    Troll less, recoiledsnake.kthxbai.

    Yes, it was just the macs. The attack vector was a Java vulnerability, but the payload is always OS specific. Some attacks have been known to serve different payload after sensing the OS. But not this one. This payload was Mac specific, and Mac computers were the only one affected.

    Coincidentally, the Java vulnerability exploited in the attack had been patched by Oracle several weeks before. But the vulnerability was still in the Apple maintained Java 6 (Apple still maintains their own Java 6 until EOLed - Oracle has only committed to maintain Java 7 on OS X).

    This is all Macs and all Apple.

    --
    Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
  6. Re:Let's be honest by mystikkman · · Score: 5, Insightful

    By the same token, a huge section of "Windows Malware" also has nothing to do with Windows Security. Yet we see hundreds of modded up posts on Slashdot bashing Microsoft over it regularly, yet Apple seems to be getting a free pass just like Android.