Microsoft is reportedly investigating whether a leak within its Microsoft Active Protections Program (MAPP), an early alert system for cybersecurity companies, allowed alleged Chinese state-backed hackers to exploit vulnerabilities in its SharePoint service before patches were widely available. The development comes after a security fix released by the tech giant earlier this month reportedly failed to fully address a critical flaw in the server software, leading to widespread cyber espionage attempts.
“As part of our standard process, we’ll review this incident, find areas to improve, and apply those improvements broadly,” a Microsoft spokesperson was quoted by Bloomberg as saying.
Meanwhile, Microsoft told news agency Reuters that it continually evaluates “the efficacy and security of all of our partner programs and makes the necessary improvements as needed.”
How Microsoft SharePoint was hacked
Last week, Microsoft acknowledged that at least two alleged Chinese hacking groups, identified as " Linen Typhoon " and " Violet Typhoon ," along with a third China-based entity, were actively exploiting these weaknesses.
The vulnerability in question was first publicly demonstrated in May by Dinh Ho Anh Khoa, a researcher with Vietnamese cybersecurity firm Viettel, at the Pwn2Own cybersecurity conference in Berlin. Khoa was awarded $100,000 for his discovery, prompting Microsoft to release an initial patch in July.
However, members of the MAPP program had already been notified of these vulnerabilities on June 24, July 3, and July 7, according to Dustin Childs, head of threat awareness for Trend Micro's Zero Day Initiative, which organises Pwn2Own.
Microsoft observed exploit attempts beginning July 7. Childs told Reuters that "the likeliest scenario is that someone in the MAPP program used that information to create the exploits." While the specific vendor responsible for a potential leak remains unclear, Childs speculated, "since many of the exploit attempts come from China, it seems reasonable to speculate it was a company in that region."
“As part of our standard process, we’ll review this incident, find areas to improve, and apply those improvements broadly,” a Microsoft spokesperson was quoted by Bloomberg as saying.
Meanwhile, Microsoft told news agency Reuters that it continually evaluates “the efficacy and security of all of our partner programs and makes the necessary improvements as needed.”
How Microsoft SharePoint was hacked
Last week, Microsoft acknowledged that at least two alleged Chinese hacking groups, identified as " Linen Typhoon " and " Violet Typhoon ," along with a third China-based entity, were actively exploiting these weaknesses.
The vulnerability in question was first publicly demonstrated in May by Dinh Ho Anh Khoa, a researcher with Vietnamese cybersecurity firm Viettel, at the Pwn2Own cybersecurity conference in Berlin. Khoa was awarded $100,000 for his discovery, prompting Microsoft to release an initial patch in July.
However, members of the MAPP program had already been notified of these vulnerabilities on June 24, July 3, and July 7, according to Dustin Childs, head of threat awareness for Trend Micro's Zero Day Initiative, which organises Pwn2Own.
Microsoft observed exploit attempts beginning July 7. Childs told Reuters that "the likeliest scenario is that someone in the MAPP program used that information to create the exploits." While the specific vendor responsible for a potential leak remains unclear, Childs speculated, "since many of the exploit attempts come from China, it seems reasonable to speculate it was a company in that region."
You may also like
Production company behind Rebel Wilson's directorial debut sues the actress
Trinamool worker succumbs to severe assault in Bengal's Murshidabad; family points finger at BJP
CM Dhami recommends CBI probe in LUCC chit fund scam
UK heatwave: Met Office reveals which parts of country will bask in hot weather
Naxalites killed in encounters: 4 eliminated in Chhattisgarh; 3 in Jharkhand
