Microsoft disclosed the attack also compromised some of its systems. It recently concluded that while some code files for Azure, Intune, and Exchange were accessed, no customer data was compromised. At the time, Microsoft President Brad Smith called it a moment of reckoning.
To ensure hackers didn’t modify its code, Microsoft crafted CodeQL queries to scan that code for malicious modifications. CodeQL is a semantic code-analysis engine that’s part of GitHub; it can scan code for security vulnerabilities and share this data with others to help protect their code. It builds a database from the code as it is compiled, and that database can be queried like a normal database. It can be used for static analysis and reactive code inspection across the enterprise.