It bears repeating in the context of systems security, here: The difference between smart people and dumb people isn’t that smart people don’t make mistakes. They just don’t keep making the same mistakes over and over again.
M$ has always loomed large as a security issue of one sort or another, to me. Remember Active-X? Macros from hell? The first 10 versions of IIS were so rife with network vulnerabilities you dared not put them online without various certifications first, if you liked your job. More recently they’ve been hosting all sorts of hackers on Azure, and even today, I have to shame them into doing anything.
Whistleblower tells ProPublica about Microsoft’s cybersecurity lapses.
Microsoft President Grilled by Congress Over Cybersecurity Failures.
I’ve not seen enough of the technical details to get how Solawrwinds figured into the mix, but the allegation doesn’t surprise me.