Microsoft was reported by ProPublica to have ignored warnings by former employee Andrew Harris regarding the presence of the Golden SAML vulnerability in its Active Directory Federation Services offering years before it had been leveraged to facilitate the widespread SolarWinds software supply chain hack in 2020, according to CRN.
Article Link: Report: Vulnerability in SolarWinds hack dismissed by Microsoft | SC Media