智通财经网·2025-09-10 13:49Core Viewpoint - Senator Ron Wyden has publicly accused Microsoft of significant cybersecurity negligence, leading to ransomware attacks on U.S. hospital systems, and has called for an investigation by the Federal Trade Commission (FTC) [1][2]. Group 1: Cybersecurity Issues - Microsoft is criticized for using the outdated and insecure RC4 encryption technology, which has made it easier for hackers to compromise accounts and systems [1][2]. - The attack on the Ascension healthcare system, one of the largest non-profit healthcare systems in the U.S., resulted in the shutdown of multiple hospital computer systems and the exposure of sensitive data for over 5 million patients [1]. - Wyden's office found that the attack was initiated when a contractor clicked on a malicious link returned by Bing, allowing hackers to infiltrate Ascension's network [1]. Group 2: Microsoft’s Response and Actions - A Microsoft spokesperson stated that RC4 accounts for less than 0.1% of their traffic and that the company is gradually phasing it out, with plans to disable it by default in new Active Directory installations starting in 2026 [2]. - Despite previous inquiries from Wyden regarding Kerberos security issues, the update to disable RC4 has not yet been officially released, leaving many customers vulnerable to attacks [2]. - Wyden warns that if the FTC does not take action, Microsoft's culture of neglecting cybersecurity and its monopolistic position in the operating system market could pose a national security threat [2].