India markets close in 1 hour 22 minutes
  • BSE SENSEX

    48,006.83
    -73.84 (-0.15%)
     
  • Nifty 50

    14,380.15
    -26.00 (-0.18%)
     
  • USD/INR

    74.9475
    -0.1625 (-0.22%)
     
  • Dow

    33,815.90
    -321.41 (-0.94%)
     
  • Nasdaq

    13,818.41
    -131.81 (-0.94%)
     
  • BTC-INR

    3,637,292.75
    -438,894.75 (-10.77%)
     
  • CMC Crypto 200

    1,105.28
    -137.78 (-11.08%)
     
  • Hang Seng

    29,078.75
    +323.41 (+1.12%)
     
  • Nikkei

    29,020.63
    -167.54 (-0.57%)
     
  • EUR/INR

    90.3905
    +0.1159 (+0.13%)
     
  • GBP/INR

    103.9453
    +0.0085 (+0.01%)
     
  • AED/INR

    20.3540
    -0.0510 (-0.25%)
     
  • INR/JPY

    1.4367
    +0.0021 (+0.15%)
     
  • SGD/INR

    56.4700
    -0.0620 (-0.11%)
     

White House cites 'active threat,' urges action despite Microsoft patch

Jeff Mason
·2-min read
FILE PHOTO: A Microsoft logo is seen in Los Angeles

By Jeff Mason

WASHINGTON (Reuters) - The White House on Sunday urged computer network operators to take further steps to gauge whether their systems were targeted amid a hack of Microsoft Corp's Outlook email program, saying a recent software patch still left serious vulnerabilities.

"This is an active threat still developing and we urge network operators to take it very seriously," a White House official said, adding that top U.S. security officials were working to decide what next steps to take following the breach.

CNN on Sunday separately reported the Biden administration was forming a task force to address the hack. The White House official, in a statement, said the administration was making "a whole of government response."

While Microsoft released a patch last week to shore up flaws in its email software, the remedy still leaves open a so-called back door that can allow access to compromised servers and perpetuating further attacks by others.

"We can’t stress enough that patching and mitigation is not remediation if the servers have already been compromised, and it is essential that any organization with a vulnerable server take measures to determine if they were already targeted," the White House official said.

Already, a source told Reuters more than 20,000 U.S. organizations had been compromised by the hack, which Microsoft has blamed on China, although Beijing denies any role.

The back channels for remote access can impact credit unions, town governments and small business, and have left U.S. officials scrambling to reach victims, with the FBI on Sunday urging them to contact the law enforcement agency.

Those affected appear to host Web versions of Microsoft's email program Outlook on their own machines instead of cloud providers, possibly sparing many major companies and federal government agencies, records from the investigation suggest.

A Microsoft representative on Sunday said it was working with the government and others to help guide customers, and the company urged impacted clients to apply software updates as soon as possible.

Neither the company nor the White House has specified the scale of the hack. Microsoft initially said it was limited, but the White House last week expressed concern about the potential for "a large number of victims."

So far, only a small percentage of infected networks have been compromised through the back door, the source previously told Reuters, but more attacks are expected.

(Reporting by Jeff Mason; Additional reporting by Susan Heavey and Sarah N. Lynch in Washington and David French in New York; Editing by Lisa Shumaker)