Microsoft announced that 
state-sponsored hackers had exploited vulnerabilities in its popular SharePoint software but didn’t mention that it has long used China-based engineers to maintain the product.
Screenshots of Microsoft’s internal work-tracking system show that China-based employees have recently fixed bugs for SharePoint “OnPrem,” the version of the software involved in last month’s attacks.
It’s unclear if Microsoft’s China-based staff had any role in the SharePoint hack. Allowing China-based personnel to perform technical support and maintenance on US government systems poses major security risks.
propublica.org/article/micros
state-sponsored hackers had exploited vulnerabilities in its popular SharePoint software but didn’t mention that it has long used China-based engineers to maintain the product.
Screenshots of Microsoft’s internal work-tracking system show that China-based employees have recently fixed bugs for SharePoint “OnPrem,” the version of the software involved in last month’s attacks.
It’s unclear if Microsoft’s China-based staff had any role in the SharePoint hack. Allowing China-based personnel to perform technical support and maintenance on US government systems poses major security risks.
propublica.org/article/micros
Quote
Byron Wan
@Byron_Wan
National Nuclear Security Administration, a Department of Energy arm responsible for maintaining and designing the nation’s cache of nuclear weapons, was among those US agencies breached by a hack of Microsoft’s SharePoint document management software.
Microsoft has