It was late February, and Microsoft Corp. engineers had been working for weeks on a handful of alarming weaknesses in the company’s popular Exchange email service. They were rushing to send out a fix, targeting the second Tuesday of March — part of a monthly ritual known in cybersecurity circles as "patch Tuesday.”
The hackers got a head start. Following weeks of discreet attacks, Chinese hackers shifted into high gear. The result was a sprawling campaign that engulfed thousands of organizations in a matter of days.
Something had gone wrong. What is normally a relatively smooth process — the one Microsoft uses regularly for identifying and fixing weaknesses in its popular software — has morphed into a global cybersecurity crisis now consuming the attention of the White House.