White House cites ‘active threat’, calls for action despite Microsoft patch by Reuters

White House cites ‘active threat’, calls for action despite Microsoft patch by Reuters

by

© Reuters. ARCHIVE PHOTO: A Microsoft logo is seen in Los Angeles

By Jeff Mason

WASHINGTON (Reuters) – The White House on Sunday urged computer network operators to take additional steps to assess whether their systems were targeted in the midst of a hack Microsoft Corp (NASDAQ 🙂 Outlook e-mail program, saying that a recent software patch still left serious vulnerabilities.

“This is an active threat still under development and we ask network operators to take it very seriously,” said a White House official, adding that top US security officials are working to decide what next steps to take. after the breach.

On Sunday, CNN reported separately that the Biden government was forming a task force to deal with the hack. The White House official, in a statement, said the government was giving “a general government response”.

Although Microsoft released a patch last week to correct flaws in its e-mail software, the remedy still leaves a so-called back door open that could allow access to compromised servers and perpetuate further attacks by others.

“We cannot emphasize enough that patching and mitigation are not remediation if the servers have already been compromised, and it is essential that any organization with a vulnerable server takes steps to determine whether they have already been targeted,” said the White House official.

A source has already told Reuters that more than 20,000 American organizations have been compromised by the hack, which Microsoft attributed to China, although Beijing denies any participation.

Support channels for remote access can affect credit unions, city governments and small businesses, and have left US officials struggling to reach victims, with the FBI urging on Sunday to contact the law enforcement agency.

Those affected appear to be hosting Web versions of Microsoft Outlook’s e-mail program on their own machines, rather than cloud providers, possibly saving many major companies and federal government agencies, the investigation records suggest.

A Microsoft representative said on Sunday that he is working with the government and others to help guide customers, and the company has asked affected customers to apply software updates as soon as possible.

Neither the company nor the White House specified the scale of the hack. Microsoft initially said it was limited, but the White House last week expressed concern about the potential for “a large number of victims”.

So far, only a small percentage of infected networks have been compromised through the back door, the source previously told Reuters, but more attacks are expected.

Disclaimer: Fusion Media I would like to remind you that the data contained on this website are not necessarily real-time or accurate. All CFDs (stocks, indices, futures) and Forex prices are not provided by exchanges, but by market makers, and therefore prices may not be accurate and may differ from the actual market price, which means that Prices are indicative and not appropriate for commercial purposes. Therefore, Fusion Media assumes no responsibility for any commercial losses that you may incur as a result of using this data.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of relying on information, including data, quotes, charts and buy / sell signals contained on this website. Be fully informed about the risks and costs associated with trading in the financial markets, it is one of the most risky forms of investment possible.

Source