https://www.infosecurity-magazine.com/news/microsoft-failings-china/
Me thinkz if they "admit failings" it's to cover for intentional malfeasance.
Look into contracts let by Burns when he ran the Carnegie Endowment (Chinese money). He hired a "trusted Microsoft partner" to modify Microsoft code.