A security patch Microsoft released this month completely failed to fix a critical flaw in its SharePoint server software, opening the door for a massive global cyber espionage campaign. The U.S. tech giant admitted on Tuesday that its initial fix was unsuccessful and has since released new patches to resolve the issue.
It’s unclear who initiated the spying effort, which targeted approximately 100 organizations over the weekend, but it’s expected to intensify as more hackers join in. Microsoft has identified three alleged Chinese hacking groups, although the Chinese government denies any involvement in these activities. The attack exploits a “zero-day” vulnerability—a previously unknown bug—first discovered at a hacking competition in May.
The security flaw was first identified at a Berlin hacking contest where a researcher won a $100,000 prize for finding it. While Microsoft tried to patch it, its failed attempt left the door wide open.
The consequences are serious: Bloomberg News reported that the U.S. National Nuclear Security Administration, the agency in charge of the nation’s nuclear weapons, was among the organizations breached. Officials say no sensitive information was compromised.
The pool of potential targets remains vast. Security researchers estimate that between 8,000 and 9,000 SharePoint servers worldwide remain vulnerable, primarily in the United States and Germany. These servers belong to a wide range of organizations, including banks, hospitals, major companies, and government agencies. The incident serves as a stark reminder of how a single failed patch can have far-reaching consequences worldwide.
