Several groups of Chinese computer pirates have exploited a safety defect in the Microsoft SharePoint server software, the group reported the group, which offers its customers an update of the program.
According to the latest figures published by Microsoft, in 2020, SharePoint, which allows members of the same entity (company, organization) sharing files and data, had more than 200 million active users.
The security of the cybersecurity start -up was the first to notice this failure on Saturday, which allows third parties to recover, without authorization, identifiers and then access the servers. Cybercriminals can implement malicious programs (malware) or get your hands in the files and documents housed on the servers.
Three groups of Chinese computer pirates
Microsoft confirmed this vulnerability, also on Saturday, but without offering an immediate update to fill it, several dozen institutions, including the United States government agencies, were attacked. The IT group published an update of its software on Sunday.
But, eye safety emphasized that the digital keys obtained thanks to the defect could be used even after the update and Microsoft invited its clients to rebuild internal identifiers.
On Tuesday, Microsoft said he had seen attacks from two groups of computer pirates affiliated with the Chinese government, called linen and purple typhoon in the group’s nomenclature, which gives names to unidentified pirate cells.
The Redmond company (Washington state) also detected a third Chinese collective, called Storm-2603, a priori not attached to the country’s authorities. Microsoft has published elements with the methods used by pirates to take advantage of this defect.
SharePoint software is sometimes used in the company’s own servers or organization, which do not automatically update its programs, unlike the cloud.
In 2023, Chinese pirates had exploited a programming defect in the Microsoft Remote Email Administration Software and access to emails from the United States government officials.
Source: BFM TV
