Microsoft says Chinese hackers ‘exploited vulnerabilities’ in software servers

Microsoft has said Chinese hackers breached its SharePoint document software servers in a bid to target major corporations and government agencies.

The Silicon Valley firm said state-backed “threat actors” have “exploited vulnerabilities” in servers used by firms, although its cloud service has not been impacted.

It linked the attack to two main groups, Linen Typhoon and Violet Typhoon, and flagged that another China-based group, Storm-2603, had also targeted its systems.

Investigations into other actors also using these exploits are still ongoing

Microsoft said in a message to customers that it has since released “new comprehensive security updates” to deal with the incident.

It said it had “high confidence” that firms who do not install the new security updates could be targeted by the groups.

In a statement, the company added: “Investigations into other actors also using these exploits are still ongoing.”

The tech firm said the attackers had been uploading malicious scripts which are then “enabling the theft of the key material by threat actors”.

Bloomberg reported that the US agency responsible for designing nuclear weapons was among those breached in the attack.

It also reported that national governments in Europe and the Middle East have also been affected.