and access some of its source code, Microsoft said on Thursday, something experts said sent a worrying signal about the spies' ambition.
Microsoft had already disclosed that like other firms it found malicious versions of SolarWinds' software inside its network, but the source code disclosure — made in a— is new. After Reuters reported it was breached two weeks ago, Microsoft said it had not "found any evidence of access to production services."
Modifying source code — which Microsoft said the hackers did not do — could have potentially disastrous consequences given the ubiquity of Microsoft products, which include the Office productivity suite and the Windows operating system. But experts said that even just being able to review the code could offer hackers insight that might help them subvert Microsoft products or services.
"The investigation, which is ongoing, has also found no indications that our systems were used to attack others," it said.