Microsoft is the latest to be hacked via Java exploit

Microsoft has admitted that a 'small number of [its] computers' were infected with malicious software in the same manner as recent breaches at Apple and Facebook.

"Microsoft can confirm that we also recently experienced a similar security intrusion," it said in a statement on Friday. "We found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organisations.

"We have no evidence of customer data being affected and our investigation is ongoing.

Matt Thomlinson, general manager of 'trustworthy computing security' at the company, wrote that "this type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries".  

"We continually re-evaluate our security posture and deploy additional people, processes, and technologies as necessary to help prevent future unauthorised access to our networks"

Last week, Apple revealed that the hack was enabled by a zero-day flaw in a Java browser plug-in. "Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers," it said in a statement.

Both Oracle and Apple have released security patches for the exploit.

According to news agency Bloomberg, the attacks appear to have originated in Eastern Europe and have been linking to a gang of cyber criminals. At least one command and control server involved in the attack has been traced to the Ukraine, it reported.


Pete Swabey

Pete Swabey

Pete was Editor of Information Age and head of technology research for Vitesse Media plc from 2005 to 2013, before moving on to be Senior Editor and then Editorial Director at The Economist Intelligence...

Related Topics