Solarwinds exploit was via microsoft single sign-on vulnerability

The Solarwinds exploit was via a microsoft single sign-on vulnerability … which an employe had discovered years earlier … and had unsuccessfully spent years trying to get the company to address.

(Compare this to the post discovery timeline of the recent xz vulnerability.)


Placing money first will always be…

1 Like

And we’re still expected to pay this “Microsoft” company – who hands over the US’s nuclear secrets to other countries for profit – for their software, because it is supposedly so much better than GNU.