"This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries," said Matt Thomlinson, general manager of Trustworthy Computing Security at Microsoft, in the company's blog post. "During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations. We have no evidence of customer data being affected and our investigation is ongoing," Thomlinson added.
Microsoft did not clarify when the incident happened, andplans to make any statement publicly while it gathered information about the attack.
Seperately, Microsoft's Azure cloud storage service was inaccessible worldwide on Firday at 12:44 PM PST, due to an expired SSL certificate.
This did not impact HTTP traffic. Microosft says it has executed repair steps to update SSL certificate on the impacted clusters and has recovered to over 99% availability across all sub-regions. The company warned thatsome of its customers might experience intermittent failures and apologized for any inconvenience caused.