Microsoft admits it was also hit by hackers, malware infects their Mac business unit

Graham Cluley

Late on Friday, Microsoft published a statement on its security blog revealing that it was joining the growing list of well-known companies who had suffered at the hands of hackers.

Microsoft says that a “small number of computers”, including some in the company’s Mac business unit, were infected by malware.


As reported by Facebook and Apple, Microsoft can confirm that we also recently experienced a similar security intrusion.

Consistent with our security response practices, we chose not to make a statement during the initial information gathering process. During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected and our investigation is ongoing.

This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries (see our prior analysis of emerging threat trends). We continually re-evaluate our security posture and deploy additional people, processes, and technologies as necessary to help prevent future unauthorized access to our networks.

If Microsoft is right, and the attack is similar to those which impacted the likes of Facebook and Apple, then a key part of the attack was the exploitation of a Java browser plug-in vulnerability.

Simply visiting an infected webpage with a browser which had Java enabled would be enough to silently infect computers via a drive-by download.

If we have to say it once, twice or a thousand times – we’ll keep on saying it:

If you don’t need Java enabled in your browser, turn it off now

Because if you don’t, yours might be the next company having to make an uncomfortable announcement about a security breach.

Like Facebook before it, Microsoft chose to release the news on a Friday afternoon, west coast time.

Although some might view the timing of the disclosure cynically, and speculate that the bad news was released just before the weekend to limit its pick-up by the press, the good news is that Microsoft says it has found no evidence that any customer data was compromised as a consequence of the attack.

Let’s not forget who the real villains are in this story – it’s the criminal gangs who infected legitimate websites, and spread malware designed to steal information from unsuspecting computer users.

Knowing Microsoft, I am confident that they will be sharing information with the authorities and doing everything they can to ensure that the culprits are brought to justice.

If you haven’t already done so, patch your computers and consider running anti-virus software on your Macs as well as your PCs. Clearly some of the bad guys are targeting Mac OS X, knowing that many “cool” developers prefer to write their software on shiny Apple hardware as well as dull beige PCs.

Sophos has a free Mac anti-virus for home users if you want to give it a whirl.

Microsoft image from Shutterstock.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.
