Key Points
- Microsoft is investigating its cybersecurity alert program, known as MAPP.
- The concern is that a leak from the program may have helped Chinese hackers attack its SharePoint software.
- The investigation follows recent, widespread attacks on SharePoint servers worldwide.
- Microsoft has officially attributed the original attacks to state-sponsored hackers from China.
Microsoft is investigating whether a leak from its early alert system for cybersecurity partners contributed to Chinese hackers carrying out widespread attacks on its SharePoint software. The company is investigating the possibility that its security program, designed to prevent hacks, may have inadvertently given attackers a head start.
The program at the center of the investigation is the Microsoft Active Protections Program (MAPP). This 17-year-old system gives trusted cybersecurity companies advance notice of security flaws—sometimes up to five days before a public patch is released. The goal is to give these partners time to prepare defenses for their clients.
Now, Microsoft is examining whether this very system was the source of a leak that allowed state-sponsored Chinese hackers to exploit vulnerabilities in SharePoint before they were fixed. A Microsoft spokesperson said the company is reviewing the incident as part of its standard process to “find areas to improve.”
The news follows a recent wave of global attacks on SharePoint. This widely used server software enables businesses and government agencies to share documents.
Microsoft has officially attributed these breaches to hackers believed to be backed by the Chinese government. The investigation raises serious questions about the security of Microsoft’s processes and the trust placed in its partners.
