WASHINGTON (Reuters) – The White House is closely tracking an emergency patch Microsoft Corp has released, U.S. national security adviser Jake Sullivan said on Thursday, after an unknown hacking group recently broke into organizations using a flaw in the company’s mail server software.
“We are closely tracking Microsoft’s emergency patch for previously unknown vulnerabilities in Exchange Server software and reports of potential compromises of U.S. think tanks and defense industrial base entities,” Jake Sullivan, President Joe Biden’s national security adviser, said on Twitter.
“We encourage network owners to patch ASAP,” he said. His tweet included a link to a notice by Microsoft of the security update. (https://bit.ly/3kLPWJQ)
Microsoft’s near-ubiquitous suite of products has been under scrutiny since the hack of SolarWinds Corp, a Texas-based software firm that served as a springboard for several intrusions across government and the private sector.
In other cases, hackers took advantage of the way customers had set up their Microsoft services to compromise their targets or dive further into affected networks.
Hackers who went after SolarWinds also breached Microsoft itself, accessing and downloading source code – including elements of Exchange, the company’s email and calendaring product.
(Reporting by Eric Beech; Editing by Jacqueline Wong & Shri Navaratnam)