Chinese hackers are exploiting SharePoint vulnerabilities, Microsoft says

The bugs affecting on-premises builds of SharePoint deployments are officially being exploited by at least two major Chinese nation-state hacking units, the company said. Patches have been issued for all affected versions of SharePoint.

Chinese government-aligned hackers have exploited a batch of vulnerabilities recently disclosed in on-premises versions of Microsoft SharePoint, the tech giant said in a blog post Tuesday.

Two major China-linked groups named Linen Typhoon and Violet Typhoon have been found leveraging the vulnerabilities, which were publicly disclosed over the weekend. A third entity, dubbed Storm-2603, has also been identified, and is assessed with “medium confidence” to be a China-based group, the company said. 

The Typhoon label comes from Microsoft’s naming convention for cyber threat units. “Typhoon” is used to designate known Chinese hacking collectives tracked by company, while “Storm” variants are deemed emerging hacker groups in development.

“With the rapid adoption of these exploits, Microsoft assesses ...