Microsoft suffered an embarrassing security incident at the weekend after the company's YouTube channel was taken over by hackers who replaced the firm's videos with their own.
Microsoft appeared to have wrested back control of the channel at the time of writing, but the incident is the second time in a week that a high-profile YouTube site has been hacked, after hardcore pornography was briefly uploaded to Sesame Street's channel.
Sophos senior technology consultant Graham Cluley explained in a blog post that the videos uploaded to the Microsoft site were of only three of four seconds in length and "typically call on other internet users to post video responses, create new background images for the channel or provide sponsorship".
One of the most likely explanations is that a Microsoft employee with a username and password to access the account somehow allowed it to be phished or obtained by a third party, said Cluley.
However, there could be another explanation, according to a comment on one of the videos highlighted by Cluley, which would explain how the channel was hacked.
"He legitimately made the account Microsoft when YouTube wasn't that big but the REAL Microsoft probably asked YouTube to disable it and give it to them. The flaw is that this account was probably still linked to this kid's email and Microsoft forgot to change it," he said.
"So all this kid had to do was recover this account using his old email. Not that hard. That's probably how the other big channels got 'hacked'."
OnePlus 3T canned to make way for imminent OnePlus 5 with Snapdragon 835, 8GB memory and dual camera
OnePlus 3T to be prematurely retired on 1 June - perhaps indicating plans for an imminent OnePlus 5 launch
Thunderbolt 3 goes royalty-free as Intel bids to persuade more OEMs to adopt its connectivity standard
Intel adds native support for Thunderbolt 3 and USB 3.1 gen 2 to microprocessors
Open source solutions provider makes acquisition in bid to shore up cloud development tools business
Aims to "end data bottlenecks"