2016 Microsoft security flaw in Active Directory Federation Services alleged not to be addressed, linked to 2020 SolarWinds attack.

Former Microsoft employee Andrew Harris alleges the company prioritized business interests over customer safety by not addressing a 2016 security flaw he discovered in Active Directory Federation Services. The flaw allowed hackers to bypass security measures and access sensitive cloud data, which was later exploited in the 2020 SolarWinds attack. Microsoft denies wrongdoing, insisting customer protection is a top priority.

June 13, 2024
4 Articles