Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows


Time of India, 4 days ago
A security patch released by Microsoft earlier this month failed to fully fix a critical flaw in the US tech company's SharePoint server software that had been identified at a hacking competition in May, opening the door to a sweeping global cyber espionage operation, according to a timeline of events reviewed by Reuters.

A Microsoft spokesperson confirmed on Tuesday that its initial solution did not work. The spokesperson added that Microsoft had released further patches that fixed the issue.

It remains unclear who is behind the ongoing operation, which targeted around 100 organisations over the weekend and is expected to escalate as other hackers join the fray.

Microsoft said in a blog post that two allegedly Chinese hacking groups, dubbed "Linen Typhoon" and "Violet Typhoon," were exploiting the vulnerabilities, along with another China-based hacking group.

Microsoft and Alphabet's Google have said that China-linked hackers were likely behind the first wave of hacks. Chinese government-linked operatives are regularly implicated in cyberattacks, but Beijing routinely denies carrying out hacking operations. In an emailed statement, the Chinese embassy in Washington said China opposes all forms of cyberattacks, and "smearing others without solid evidence."

The vulnerability that facilitated the attack was first identified in May at a hacking competition in Berlin organised by cybersecurity firm Trend Micro, which offered cash bounties for the discovery of computer bugs in popular software.

It offered a $100,000 prize for "zero-day" exploits - which are called that because they leverage previously undisclosed digital weaknesses - that could be used against SharePoint, Microsoft's flagship document management and collaboration platform.

A researcher working for the cybersecurity arm of Viettel, a telecommunications firm operated by Vietnam's military, identified a SharePoint bug at the event, dubbed it "ToolShell" and demonstrated a method of exploiting it. The researcher was awarded $100,000 for the discovery, according to a post on X by Trend Micro's "Zero Day Initiative."

In a statement, Trend Micro said it was the responsibility of vendors participating in its competition to patch and disclose security flaws in "an effective and timely manner." "Patches will occasionally fail. This has happened with SharePoint in the past," the statement said.

Microsoft said in a July 8 security update that it had identified the bug, listed it as a critical vulnerability, and released patches to fix it.

About 10 days later, however, cybersecurity firms started to notice an influx of malicious online activity targeting the same software the bug sought to exploit: SharePoint servers. "Threat actors subsequently developed exploits that appear to bypass these patches," British cybersecurity firm Sophos said in a blog post on Monday.

The pool of potential ToolShell targets remains vast. According to data from Shodan, a search engine that helps identify internet-linked equipment, over 8,000 servers online could theoretically have already been compromised by hackers. Those servers include major industrial firms, banks, auditors, healthcare companies, and several U.S. state-level and international government entities.

The Shadowserver Foundation, which scans the internet for potential digital vulnerabilities, put the number at a little more than 9,000, while cautioning that the figure was a minimum. It said most of those affected were in the United States and Germany, and the victims included government organisations.

Germany's federal office for information security, BSI, said on Tuesday it had found SharePoint servers within government networks that were vulnerable to the ToolShell attack but none had been compromised.

