14 DAY TRIAL // Just like any other software company out there, Microsoft is constantly calling for its customers to update the apps running on their computers because this way they can remain fully secure against any attacks attempting to exploit old vulnerabilities.
But it turns out that, in its rush to convince customers to do that, Microsoft actually forgot to do it on its own servers, as a website that was designed to help the company express its views on the US government surveillance programs got hacked this morning.
Digital Constitution was launched in 2013, after Edward Snowden started making the headlines with stunning revelations about surveillance programs going on in the United States, with Microsoft using the website not only to express its views on this approach but also to convince customers that it did whatever was possible to protect them.
Running an old Wordpress version
Earlier today, however, the website was displaying unusual content in the top frame that appeared to be coming from an online casino, while the upper side of the website was full of hidden keywords that are usually implemented to rank better in search engine results.
Needless to say, Microsoft doesn’t need to come down to such practices, and as ZDNet is reporting, the company’s website got hacked by either an individual or a group that’s yet to claim the attack.
Obviously, this isn’t something critical, but it’s kind of worrying that Microsoft was using an old WordPress version to keep its site up. The latest version of WordPress is 4.2.2 and Microsoft was using 4.0.5.
Microsoft moved very fast to clean the website after it got injected with the casino code, so the page is now up and running in the standard form, with no malicious content. It remains to be seen if someone claims the attacks and if any damages were done in the process.