Security News > 2021 > March > WSJ: Microsoft Probing Possible PoC Exploit Code Leak
Software giant Microsoft Corp. has launched an investigation to determine whether one of its flagship information-sharing programs sprung a leak that led to the widespread exploitation of Exchange server deployments around the world.
According to a bombshell report in the Wall Street Journal, Redmond is looking closely at its Microsoft Active Protections Program to figure out if an anti-malware partner in China leaked proof-of-concept code ahead of the availability of security updates.
The MAPP program lets Microsoft share vulnerability data to give anti-malware, intrusion prevention/detection and corporate network security vendors a head-start to add signatures and filters to protect against Microsoft software vulnerabilities.
Some of the tools used in the second wave of the attack, which is believed to have begun Feb. 28, bear similarities to "Proof-of-concept" attack code that Microsoft distributed to antivirus companies and other security partners Feb. 23, investigators at security companies say.
Microsoft had planned to release its security fixes two weeks later, on March 9, but after the second wave began it pushed out the patches a week early, on March 2, according to researchers.
One focus of the investigation has been an information-sharing program called the Microsoft Active Protections Program, which was created in 2008 to give security companies a head start in detecting emerging threats.
News URL
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Mitel MiCollab zero-day and PoC exploit unveiled (source)
- PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files (source)
- 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits (source)
- Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware (source)