Microsoft Limits Access to Cyber Threat Program for Chinese Companies Following SharePoint Hack

Microsoft has blocked access to its cybersecurity software for Chinese companies following allegations of abuse in a drive to infiltrate SharePoint.

Microsoft has reduced access to its cybersecurity early warning system for a few Chinese businesses after raising concerns that private data from the program might have been exploited in a hacking attack against its popular SharePoint servers.

Following a flurry of intrusions last month that Microsoft and other analysts partially attributed to Beijing, the action was taken. Despite China’s denials of involvement, the attacks’ timing sparked worries that information given through Microsoft’s Active Protections Program (MAPP), which is intended to provide security vendors with early warning of vulnerabilities, might have leaked.

Microsoft notified MAPP participants about SharePoint vulnerabilities on June 24, July 3, and July 7, according to earlier reports. When the first efforts at exploitation were discovered on July 7, cybersecurity professionals suspected that a rogue participant had shared or misused the data.

Microsoft announced in a statement that it will no longer supply “proof of concept code,” a tool that mimics malware and is intended to assist defenders in patching systems rapidly but can also be exploited by hackers.

“We take steps – both known and confidential – to prevent misuse because we are aware that the information we provide could be exploited,” Microsoft continued. Participants are subject to a constant screening process, and those who breach our terms—which forbid taking part in offensive attacks—are suspended or removed.