Microsoft said in a written statement a small number of its computers had been infiltrated but there was no evidence any customer data had been compromised, The Seattle Times reported Saturday.
The cyberattack came in the wake of a similar move against Facebook and used similar techniques, the newspaper said. The door was opened when Facebook employees visited an outside developer's website, which had been compromised.
The website hosted a so-called exploit that allowed a malware to infect the Facebook employees' laptops. Those computers have since been cleansed and patched.
Facebook traced the intrusion to China, the BBC said.
Beijing has denied a recent report by a U.S. security firm accused a unit of China's military of directing the government's involvement in industrial espionage.