Microsoft is attempting to play down the significance of the hack reported last week, denying any source code was stolen or altered. It has also hit out at ongoing rumours which suggest the attacks may have begun three months ago.
Published: 30 October 2000 13:00 GMT
However, the software giant has admitted the hacker "may have viewed the source code for a single future product under development" but did not specify which product.
The Wall Street Journal - which first broke the story - alleged that the attack could have begun three months ago, and that the integrity of code under development in Redmond, including that of Windows ME and the next version of Windows 2000, may have been compromised.
In an official statement issued today, the software giant said that it became aware of the hack "shortly after it first occurred", and tracked the perpetrator's activities over the period 14 October to 25 October.
The company claims no customers have or will be affected by the incident.
It reiterated its belief that "there is no evidence the intruder gained access to the source code for Office or any Windows products".
The statement continues: "There is no evidence to suggest that any of Microsoft's online services have been or will be affected by the incident. The security breach did not involve a security vulnerability in any Microsoft product. We have no evidence to suggest that the hacker gained any other access to any other source code."
A report in Sunday's New York Times said Microsoft believes access was probably gained via a remote worker's PC. The report also suggests staff first noticed the problem on 17 October, when new accounts were discovered that did not match normal audit logs.
According to the report, Microsoft then monitored the intruder for two days as he or she created new accounts with varying degrees of access to the network. It was during this time the intruder came across the source code.
Microsoft is continuing to investigate the incident with the FBI.
IT Security Analyst - ISO27001 PCI DSS APACS and SOX Worldwide provider of IT Solutions to the worlds leading Financials is currently seeking a ...
A thorough understanding of network attack methodology is assumed as is the attendance of a relevant IDS course. You will be responsible for all ...
The IS Service Desk Incident Analyst will act as the single point of contact for users, provide excellent customer service and provide IS Incident ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Is Your Enterprise Architected for Tomorrow's Growth?
Improving IT service delivery through an integrated approach to software asset management...
TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...
Download a Free Trial of SmartDraw: Learn why SmartDraw is the ideal alternative...
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy