6, and officially informed Microsoft about it on Feb. Reston, Va.-based Volexity first identified attacks on the flaws on Jan.
5, from a principal security researcher for security testing firm DEVCORE who goes by the handle “ Orange Tsai.” DEVCORE is credited with reporting two of the four Exchange flaws that Microsoft patched on Mar. Pressed for a date when it first became aware of the problem, Microsoft told KrebsOnSecurity it was initially notified “in early January.” So far the earliest known report came on Jan. When did Microsoft find out about attacks on previously unknown vulnerabilities in Exchange?
Here’s a brief timeline of what we know leading up to last week’s mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program. Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion.
0 kommentar(er)
