"I urge the FTC to investigate Microsoft and hold the company responsible for the serious harm it has caused by delivering dangerous, insecure software to the US government and to critical infrastructure entities, such as those in the US healthcare sector,"
"Without timely action, Microsoft's culture of negligent cybersecurity, combined with its de facto monopolization of the enterprise operating system market, poses a serious national security threat and makes additional hacks inevitable."
Senator Ron Wyden accused Microsoft of delivering insecure default-configured software that helped cybercriminals cripple Ascension, a nonprofit operating over 140 US hospitals. A contractor clicked a malicious Bing result, downloading malware that exploited known weaknesses in Microsoft's default configurations to escalate privileges, move laterally, and deploy ransomware across thousands of machines. The attack disrupted surgeries, forced staff to use pen and paper, and exposed personal and medical data of roughly 5.6 million patients. Wyden cited the decades-old 'Kerberoasting' vulnerability and Microsoft's continued use of RC4 instead of AES, urging the FTC to investigate and hold Microsoft accountable for national security risks.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]