Kristina Roberts
Microsoft, one of the biggest technology companies in the world, is now looking into a very serious problem. The company is trying to find out if a secret cybersecurity program meant to protect people was actually the reason hackers from China were able to find and use a dangerous weakness in Microsoft’s SharePoint software. This software is used by many businesses around the world to store and manage important information. If someone breaks into it, they can steal or damage private data.
The company has something called the Microsoft Active Protections Program, or MAPP. This program shares early information about possible software problems with trusted security partners. These partners are usually other companies or researchers that work on fixing bugs and stopping hackers. Microsoft hopes that by giving them a head start, they can fix problems faster and stop cyber attacks before they begin. But now, Microsoft is worried that someone in the program may have leaked this early information to hackers. If true, this would be a very big failure of trust.
According to a report from Bloomberg News, Microsoft is checking if the information about the SharePoint flaw was leaked from the MAPP program. That flaw, or problem in the software, was supposed to be fixed with a patch (a software update) that Microsoft released. However, it turned out the patch wasn’t strong enough, and hackers were still able to use the weakness to get into systems around the world.
On Tuesday, Microsoft wrote in a blog post that two hacking groups from China — named “Linen Typhoon” and “Violet Typhoon” — were found using the SharePoint flaws. They were not working alone. Another hacker group, also from China, was involved. These groups seem to be using the weakness to spy on other countries and companies. Cybersecurity experts call this kind of activity “cyber espionage.” This means they are not just stealing information for money, but possibly for government or military reasons.
Microsoft shared with Reuters, a news agency, that they are always checking to see if their programs are safe and working well. If they find problems, they make changes right away. But now, people are asking how this big mistake happened in the first place.
The flaw in SharePoint was first shown by a researcher named Dinh Ho Anh Khoa from Viettel, a cybersecurity company based in Vietnam. He presented the problem in May at a cybersecurity conference in Berlin called Pwn2Own. This event is organized by another cybersecurity company, Trend Micro, under its Zero Day Initiative. Researchers like Dinh take part in these events to responsibly show software problems so they can be fixed before bad people find them. Dinh was rewarded $100,000 for his discovery.
Microsoft started to fix the issue in July, but members of the MAPP program were told about the problem even earlier — on June 24, July 3, and July 7. That information comes from Dustin Childs, who works at the Zero Day Initiative. He explained to Reuters that Microsoft saw the first signs of hackers trying to use the flaw on July 7.
Childs also said something very important: “The likeliest scenario is that someone in the MAPP program used that information to create the exploits.” That means someone who was trusted with the early warning may have passed it on or used it in the wrong way. He added, “It’s not clear which vendor was responsible, but since many of the exploit attempts come from China, it seems reasonable to speculate it was a company in that region.”
This is not the first time something like this has happened. More than ten years ago, Microsoft found out that a Chinese company named Hangzhou DPTech Technologies Co., Ltd. had broken their trust and shared secret information. Microsoft removed that company from the MAPP program. At that time, Microsoft wrote in a blog post, “We recognize that there is the potential for vulnerability information to be misused. In order to limit this as much as possible, we have strong non-disclosure agreements (NDA) with our partners. Microsoft takes breaches of its NDAs very seriously.”
A non-disclosure agreement is like a promise that says you won’t share certain information with anyone else. If someone breaks that promise, especially with sensitive security details, it can lead to major problems.
This recent situation is troubling because it shows how a program meant to protect people might have been used to do the opposite. MAPP was designed to give good people — like cybersecurity experts — a chance to stop hackers in time. But if bad actors got hold of that early information, it means that hackers may always be one step ahead.
Cyber attacks can cause real harm. They can shut down businesses, steal money, and even affect national security. So when a big company like Microsoft is possibly involved in letting secrets slip, the whole tech world pays attention.
Now, Microsoft must find out exactly what went wrong. Was it really someone in the MAPP program who leaked the information? Or was the information stolen in some other way? Until they know for sure, people who use SharePoint are being told to update their systems as soon as possible and keep watching for any signs of strange activity.
This event also raises a bigger question: How can companies like Microsoft share security information without letting it fall into the wrong hands? Sharing helps protect users, but it also brings risk. It’s a careful balance between trust and danger.
If Microsoft confirms that the leak came from one of its trusted partners, it might change how the company shares security warnings in the future. They may tighten their rules, choose fewer partners, or even find new ways to stop hackers without giving away too much information too soon.
In the world of cybersecurity, every second matters. A leak, even by accident, can open the door to attacks that affect people across the globe. And when the name “Microsoft” is involved, the impact is even bigger — because so many companies, schools, and governments depend on their products every day.
Now, all eyes are on Microsoft as they work to fix the issue, find the truth, and make sure their protection systems stay strong.
