Microsoft knew of SharePoint security flaw but failed to effectively patch it, timeline shows

A security patch released by Microsoft earlier this month failed to fully fix a critical flaw in the US tech company’s SharePoint server software that had been identified at a hacking competition in May, opening the door to a sweeping global cyber espionage operation, according to a timeline of events reviewed by Reuters.

A Microsoft spokesperson confirmed on Tuesday that its initial solution did not work. The spokesperson added that Microsoft had released further patches that fixed the issue. It remains unclear who is behind the ongoing operation,…