Microsoft investigates possible leak after Chinese hackers exploit SharePoint flaw

Microsoft is investigating whether information shared through its early cybersecurity alert system might have enabled Chinese hackers to exploit a critical flaw in its SharePoint software before it was fully patched.

As reported by Bloomberg, the tech giant is focusing on a potential breach of its Microsoft Active Protections Program (MAPP), which provides cybersecurity partners with early access to details about vulnerabilities.

The company is now looking into whether one of the MAPP participants might have leaked sensitive details, allowing threat actors to launch widespread cyberattacks.

Earlier this month, Microsoft released a patch for a major vulnerability in SharePoint Server, but it failed to fully address the flaw.

Since then, multiple China-linked hacking groups, identified by Microsoft as "Linen Typhoon," "Violet Typhoon," and another unnamed group, have been actively exploiting the weakness.

According to a blog post published by Microsoft, the company first observed attempts to exploit the vulnerability on July 7.

However, before that, members of the MAPP program had already received detailed vulnerability information in late June and early July.

The flaw was initially demonstrated at the Pwn2Own cybersecurity competition in Berlin this May by Dinh Ho Anh Khoa, a researcher from Vietnamese firm Viettel. He was awarded $100,000 for ethically disclosing the issue.