To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/security/0,39024655,11020491,00.htm

Microsoft hack update: Damage limitation underway
Microsoft is attempting to play down the significance of the hack reported last week, denying any source code was stolen or altered. It has also hit out at ongoing rumours which suggest the attacks may have begun three months ago.

By Graham Hayday

Published: Monday 30 October 2000

However, the software giant has admitted the hacker "may have viewed the source code for a single future product under development" but did not specify which product.

The Wall Street Journal - which first broke the story - alleged that the attack could have begun three months ago, and that the integrity of code under development in Redmond, including that of Windows ME and the next version of Windows 2000, may have been compromised.

In an official statement issued today, the software giant said that it became aware of the hack "shortly after it first occurred", and tracked the perpetrator's activities over the period 14 October to 25 October.

The company claims no customers have or will be affected by the incident.

It reiterated its belief that "there is no evidence the intruder gained access to the source code for Office or any Windows products".

The statement continues: "There is no evidence to suggest that any of Microsoft's online services have been or will be affected by the incident. The security breach did not involve a security vulnerability in any Microsoft product. We have no evidence to suggest that the hacker gained any other access to any other source code."

A report in Sunday's New York Times said Microsoft believes access was probably gained via a remote worker's PC. The report also suggests staff first noticed the problem on 17 October, when new accounts were discovered that did not match normal audit logs.

According to the report, Microsoft then monitored the intruder for two days as he or she created new accounts with varying degrees of access to the network. It was during this time the intruder came across the source code.

Microsoft is continuing to investigate the incident with the FBI.