See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows

UNITED STATES, JUL 22 – Microsoft's initial July patch for the critical SharePoint vulnerability was incomplete, enabling China-based groups to exploit over 9,000 servers worldwide, cybersecurity firms reported.

  • Microsoft identified a critical vulnerability in its SharePoint server software in May at a Berlin hacking competition organized by Trend Micro.
  • The flaw, dubbed ToolShell, allowed hackers—including alleged China-linked groups—to exploit SharePoint servers before and after initial patches in July.
  • Cybersecurity firms noticed ongoing attacks targeting over 8,000 possibly compromised servers, affecting government agencies and major industries in the US and Germany.
  • Microsoft named three Chinese-linked hacking groups abusing these flaws and warned attackers will continue targeting unpatched systems despite further patches.
  • The events highlight the risks of delayed or incomplete patching, urging organizations to update SharePoint immediately and strengthen security to prevent persistent breaches.
Insights by Ground AI
Does this summary seem wrong?

45 Articles

TechXploreTechXplore
Reposted by
The spokesman-ReviewThe spokesman-Review
Center

Tally of Microsoft victims surges to 400 as hackers exploit SharePoint flaw

The number of companies and organizations compromised by a security vulnerability in Microsoft Corp.'s SharePoint servers is increasing rapidly, with the tally of victims soaring more than six-fold in a few days, according to one research firm.

Read Full Article
DawnDawn
Lean Left

Microsoft says some SharePoint server hackers now using ransomware

Spy campaign began after Microsoft failed to fully patch a security hole in its SharePoint server software.

·Pakistan
Read Full Article
WiredWired
Lean Left

Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it.

·United States
Read Full Article
Fox BusinessFox Business
Lean Right

Microsoft identifies Chinese hacking groups behind persistent SharePoint server attacks

Tech giant Microsoft on Tuesday said that three groups of China-based hackers were behind an ongoing cyberattack on its SharePoint file-sharing system.The Microsoft Security Response Center first published a blog about the attack against on-premises SharePoint servers on July 19, explaining that the attackers exploited vulnerabilities related to spoofing and remote code execution. SharePoint is a document-sharing platform that aims to allow user…

·United States
Read Full Article
Ars TechnicaArs Technica
Center

What to know about ToolShell, the SharePoint threat under mass exploitation

Government agencies and private industry have been under siege over the past four days following the discovery that a critical vulnerability in SharePoint, the widely used document-sharing app made by Microsoft, is under mass exploitation. Since that revelation, the fallout and the ever-increasing scope of the attacks have been hard to keep track of. What follows are answers to some of the most common questions about the vulnerability and the on…

·United States
Read Full Article
NDTVNDTV
Lean Right

Microsoft Server Hack Likely Single Actor, Over 8,000 Firms Hit

A global attack on Microsoft server software used by thousands of government agencies and businesses to share documents within organisations is likely the work of a single actor, a cybersecurity researcher said on Monday.

·New Delhi, India
Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 56% of the sources are Center
56% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

OAN broke the news in San Diego, United States on Tuesday, July 22, 2025.
Sources are mostly out of (0)

Similar News Topics

Microsoft icon

Microsoft

Hacking icon

Hacking

Business icon

Business

Technology icon

Technology

Cybercrimes icon

Cybercrimes

Cyber Security icon

Cyber Security

United States icon

United States

You have read 1 out of your 5 free daily articles.

Join millions of well-informed readers who use Ground to compare coverage, check their news blindspots, and challenge their worldview.

News
For You
SearchBlindspotLocal