Some source code from Microsoft was accidentally leaked to the “Solorigate” hacking group as thousands of organizations were impacted by malware embedded in the SolarWinds Orion security product updates. While it’s likely no major exploits will be crafted, it’s important to continue tracking developments for one of the top attacks in recent years.

Microsoft Affirms Solorigate Attackers Saw Azure, Intune and Exchange Source Code —

Microsoft has reconfirmed that the “Solorigate” advanced persistent threat attackers saw some of its source code, although “only a few individual files were viewed.” The company had indicated last month that some of its source code was viewed, although not modified, by the attackers who are thought to be part of a nation-state espionage group.

Microsoft was more specific about what was viewed. Source code was viewed for the following software components:

    • a small subset of Azure components (subsets of service, security, identity)
    • a small subset of Intune components
    • a small subset of Exchange components