Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage
Microsoft said on Tuesday that, in addition to other actors, it has seen multiple China-linked hacking groups exploiting the flaw, which is specifically present in older versions of SharePoint that are self-hosted by organizations. It does not impact the newer, cloud-based version of SharePoint that Microsoft has been encouraging customers to adopt for many years. Bloomberg first reported on Wednesday that one of the victims is the United States National Nuclear Security Administration, which oversees and maintains US nuclear weapons.
'On-premises' or self-managed SharePoint servers are a popular target for hackers, because organizations often set them up such that they are exposed on the open internet and then forget about them or don't want to allocate budget to replace them. Even if fixes are available, the owner may neglect to apply them. That's not the case, though, with the bug that sparked this week's wave of attacks. While it relates to a previous SharePoint vulnerability discovered at the Pwn2Own hacking competition in Berlin in May, the patch that Microsoft released earlier this month was itself flawed, meaning even organizations that did their security diligence were caught out. Microsoft scrambled this week to release a fix for the fix, or what the company called 'more robust protections' in its security alert.
'At Microsoft, our commitment—anchored in the Secure Future Initiative—is to meet customers where they are,' said a Microsoft spokesperson in an emailed statement. 'That means supporting organizations across the full spectrum of cloud adoption, including those managing on-premises systems.'
Microsoft still supports SharePoint Server versions 2016 and 2019 with security updates and other fixes, but both will reach what Microsoft calls 'End of Support' on July 14, 2026. SharePoint Server 2013 and earlier have already reached end of life and receive only the most critical security updates through a paid service called 'SharePoint Server Subscription Edition.' As a result, all SharePoint server versions are increasingly part of a digital backwater where the convenience of continuing to run the software comes with significant risk and potential exposure for users—particularly when SharePoint servers sit exposed on the internet.
'Years ago, Microsoft positioned SharePoint as a more secure replacement for old school Windows file sharing tools, so that's why organizations like government agencies invested in setting up those servers. And now they just run at no additional cost, versus a Microsoft365 subscription in the cloud that involves a subscription,' says Jake Williams, a longtime incident responder who is vice president of research and development at Hunter Strategy. 'So Microsoft tries to nudge the holdouts by charging for extended support. But if you are exposing a SharePoint server to the internet I would emphasize that you also have to budget for incident response, because that server will eventually get popped.'
The United States Cybersecurity and Infrastructure Security Agency said in guidance about the vulnerability on Tuesday that, 'CISA recommends disconnecting public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS). For example, SharePoint Server 2013 and earlier versions are end-of-life and should be discontinued if still in use."
The ubiquity of Microsoft's Windows operating system around the world has led to other situations in which a long goodbye has created security issues for holdout users—and other organizations or individuals with connections to a vulnerable entity. Microsoft struggled to deal with the long tail of users on extremely popular Windows editions including Windows XP and Windows 7. But legacy software is a challenge for any software or digital infrastructure provider. Earlier this year, for example, Oracle reportedly notified some customers about a breach after attackers compromised a 'legacy environment' that had been largely retired in 2017.
The challenge with a service like SharePoint is that it often acts as an ancillary tool without ever being the center of attention.
'For on-premises software like SharePoint, which is deeply integrated into the Microsoft identity stack, there are multiple points of exposure that need to be continuously monitored in order to know, expose, and close critical gaps,' says Bob Huber, chief security officer at the cybersecurity company Tenable.
When asked about the alleged breach at the National Nuclear Security Administration, the Department of Energy emphasized that the incident did not impact sensitive or classified data. 'On Friday, July 18, the exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy, including the NNSA,' a DOE spokesperson told WIRED in a statement. "The Department was minimally impacted due to its widespread use of the Microsoft M365 cloud and very capable cybersecurity systems. A very small number of systems were impacted. NNSA is taking the appropriate action to mitigate risk and transition to other offerings as appropriate.'
Microsoft did not immediately return WIRED's requests for comment about the process of sunsetting SharePoint Server. The company wrote in a blog post on Tuesday that customers should keep supported versions of SharePoint Server updated with the latest patches and turn on Microsoft's 'Antimalware Scan Interface' as well as Microsoft Defender Antivirus.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
11 minutes ago
- Yahoo
China summons chip giant Nvidia over alleged security risks
Chinese internet authorities summoned Nvidia on Thursday to discuss "serious security issues" over some of its artificial intelligence (AI) chips, as the US technology giant finds itself entangled in trade tensions between Beijing and Washington. Nvidia is a world-leading producer of AI semiconductors, but the United States effectively restricts which chips it can export to China on national security grounds. A key issue has been Chinese access to the "H20", a less powerful version of Nvidia's AI processing units that the company developed specifically for export to China. The California-based firm said earlier this month that it would resume H20 sales to China after Washington pledged to remove licensing curbs that had halted exports. But the firm still faces obstacles -- US lawmakers have proposed plans to require Nvidia and other manufacturers of advanced AI chips to include built-in location tracking capabilities. And on Thursday, Beijing's top internet regulator said it had summoned Nvidia representatives to discuss recently discovered "serious security issues" involving the H20. The Cyberspace Administration of China said it had asked Nvidia to "explain the security risks of vulnerabilities and backdoors in its H20 chips sold to China and submit relevant supporting materials". The statement posted on social media noted that, according to US experts, location tracking and remote shutdown technologies for Nvidia chips "are already matured". The announcement marked the latest complication for Nvidia in selling its advanced products in the key Chinese market, where it is in increasingly fierce competition with homegrown technology firms. - Nvidia committed - CEO Jensen Huang said during a closely watched visit to Beijing this month that his firm remained committed to serving local customers. Huang said he had been assured during talks with top Chinese officials during the trip that the country was "open and stable". "They want to know that Nvidia continues to invest here, that we are still doing our best to serve the market here," he said. Nvidia this month became the first company to hit $4 trillion in market value -- a new milestone in Wall Street's bet that AI will transform the global economy. New hurdles to the firm's operation in China come as the country's economy wavers, beset by a years-long property sector crisis and heightened trade headwinds under US President Donald Trump. Chinese President Xi Jinping has called for the country to enhance self-reliance in certain areas deemed vital for national security -- including AI and semiconductors -- as tensions with Washington mount. The country's firms have made great strides in recent years, with Huang praising their "super-fast" innovation during his visit to Beijing this month. ll-pfc/mjw/fox Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
11 minutes ago
- Yahoo
Ultromics Lands $55M Series C to Tackle Undiagnosed Heart Failure at Scale
AI heart failure diagnostics innovator makes it possible to catch deadly heart failure earlier by analyzing the most common heart scan in the world and proactively alerting clinicians FDA-cleared, reimbursed by Medicare, and live in top U.S. hospitals, Ultromics is now scaling nationwide to make early heart failure detection part of routine cardiac care, wherever patients get an echo Ultromics is trained on one of the largest real-world echo datasets globally and validated across 25 peer-reviewed studies, helping close one of medicine's most dangerous diagnostic gaps, where up to 64% of heart failure cases still go undetected OXFORD, England, July 31, 2025 /PRNewswire/ -- Ultromics, a pioneer in AI-driven cardiology solutions, today announced it has raised $55 million in Series C financing. The round was co-led by L&G, Allegis Capital and Lightrock, with continued support from Oxford Science Enterprises, GV, Blue Venture Fund and Oxford University. Major U.S. health systems, including UChicago Medicine's venture investment vehicle, UCM Ventures, and UPMC Enterprises also participated in the round. Built on years of clinical study and hundreds of thousands of echo scans, Ultromics offers the first FDA-cleared, Medicare-reimbursed AI technology to help clinicians detect HFpEF and cardiac amyloidosis, two of the most elusive forms of heart failure. The company is now expanding across the U.S. to bring that capability to the hospitals and echo labs that see the highest volume of at-risk patients, aiming to make AI-enhanced diagnostics a default step in the cardiac workup. Ultromics is also expanding its pipeline to include additional cardiac conditions, new distribution channels and deeper partnerships with health systems and clinical leaders. It's a critical moment for cardiovascular care. Heart failure is rising, costs are mounting and millions of patients are still going undiagnosed, especially those with harder-to-detect forms like HFpEF and cardiac amyloidosis. In the U.S. alone, heart failure drives over $30 billion in annual healthcare costs, a number projected to exceed $70 billion by 2030. Clinicians often rely on subjective interpretation of echocardiograms, leading to missed or delayed diagnoses even when patients are actively seeking care. In fact, up to 64% of HFpEF cases go undiagnosed, and cardiac amyloidosis is frequently mistaken for more common forms of heart disease, leaving patients untreated until symptoms worsen or irreversible damage occurs. Ultromics addresses this diagnostic blind spot by using AI to extract hidden disease signals from standard echocardiograms, enabling earlier, more accurate detection of complex heart conditions—without requiring new hardware or disrupting clinical workflows. Its FDA-cleared EchoGo® platform supports diagnosis of HFpEF and cardiac amyloidosis. Trained and validated on one of the largest real-world echo datasets globally, EchoGo® generates real-time probability scores to help cardiologists identify high-risk patients earlier than traditional methods. EchoGo® is fully reimbursed under Medicare, making it scalable across hospitals, clinics, and health systems nationwide. "The reality is, hospitals already have the data, they just haven't had the tools to extract the more subtle diagnostic signals from it. By analyzing routine echocardiograms with AI, we're helping clinicians identify high-risk patients earlier, enabling intervention before disease progresses," said Ross Upton, PhD, CEO and Founder, Ultromics. "We've spent years building our platform to fit into clinical workflows, with no extra hardware and no new friction, and this funding helps us scale that across the U.S. at a moment when health systems are actively looking to combat the growing heart failure crisis." Ultromics has already analyzed more than 430,000 echocardiograms to date. In clinical studies, EchoGo® improved the detection of HFpEF by 73.6% when compared with standard clinical risk scores. The company's latest diagnostic model for cardiac amyloidosis, validated in a global study of 18 institutions and published in the European Heart Journal, outperformed current clinical risk scores while distinguishing disease from similar conditions. "Ultromics has established itself as an early-mover in the large and underserved cardiovascular disease market, having developed one of the first commercially available AI-powered diagnostic echocardiogram technologies," said Alastair Stewart, Head of Investments, Venture Capital, at L&G. "This successful Series C round is a testament to the massive opportunity for cutting-edge technology to transform how clinicians can detect and treat serious cardiovascular diseases that impact millions of people every year." With growing adoption and partnerships across flagship institutions, including UChicago Medicine, University Hospitals Cleveland, Northwestern, and Mayo Clinic, Ultromics is building regional clusters of clinical and commercial traction, particularly in high-prevalence regions like the Midwest. Its platform is helping hospitals reduce unnecessary tests, streamline workflows and initiate treatment earlier so it's more effective and less expensive. "Heart failure and cardiac amyloidosis impact millions of lives and strain healthcare systems, despite new approaches that have the potential to significantly improve patient outcomes. There is a critical need for scalable solutions that enable earlier, more accurate diagnosis and elevate the standard of care," said Umur Hursever, Partner at Lightrock. "Ultromics' AI-driven technology is already making a real-world impact, improving diagnostic accuracy, supporting clinical decisions, and expanding access to specialist care. The Lightrock team is delighted to support Ultromics' mission and growing impact." Ultromics has rapidly expanded its platform capabilities and U.S. market presence during the past year. In late 2024, the company received FDA Breakthrough Device clearance for EchoGo® Amyloidosis, followed in 2025 by the launch of EchoGo® Score, a new feature that adds AI-driven probability scoring to EchoGo® Heart Failure, helping clinicians detect HFpEF with greater nuance. These clinical advances are now supported by Medicare reimbursement for both outpatient and inpatient use, strengthening Ultromics' foundation for scaled adoption across U.S. hospitals. "There's a long-standing blind spot in cardiology where millions of patients with treatable heart failure are missed because their symptoms are subtle and echo images are hard to interpret," said Victor Westerlind, Managing Director at Allegis Capital. "What's exciting about Ultromics is how they're closing that gap. Their platform brings AI and cardiology together in a way that makes it easier for physicians to identify high-risk patients earlier. When paired with the latest treatment advances, it's a diagnostic win that will help save lives." About Ultromics Founded out of the University of Oxford, Ultromics is redefining cardiovascular care with FDA-cleared, AI-powered tools that enhance echocardiographic diagnosis. Built in partnership with the NHS and Mayo Clinic, its EchoGo® platform helps clinicians detect complex heart diseases earlier and more accurately—using nothing more than a standard ultrasound scan. Ultromics is backed by leading investors and U.S. healthcare systems and is on a mission to transform how heart disease is diagnosed and treated. For more, visit About Lightrock Lightrock is a global investment platform committed to building a sustainable future. Operating across private and public markets, Lightrock manages over $5.5 billion in assets and invests in Europe, North America, Latin America, Asia, and Africa. Lightrock is a certified B Corp with a dedicated team of over 130 professionals working across a network of six offices For more information, visit About L&G Established in 1836, L&G is one of the UK's leading financial services groups and a major global investor, with £1.1 trillion in total assets under management (as at FY24) of which c. 44% (c. £0.5 trillion) is international. We have a highly synergistic business model, which continues to drive strong returns. We are a leading player in Institutional Retirement, in Retail Savings and Protection, and in Asset Management through both public and private markets. Across the Group, we are committed to responsible investing and dedicated to serving the long-term savings and investment needs of customers and society. About Allegis Capital Allegis Capital is an early-stage venture capital firm partnering with companies that enable digital transformation across the enterprise. The firm supports founders with hands-on guidance, operational expertise, and access to a global network of industry leaders. With a long track record of building market-defining businesses, Allegis backs the teams and platforms reshaping how work gets done. Headquartered in Palo Alto, California, Allegis has been investing in enterprise innovation for over two decades. For more information, visit Photo - - View original content to download multimedia: SOURCE Ultromics Sign in to access your portfolio
CNBC
13 minutes ago
- CNBC
CATL is gaining market share in Europe as US shipments fall: Strategist
Bernstein's Neil Beveridge assesses CATL's latest earnings, and how the battery-maker is affected by macro factors like the US-China trade war, and China's EV price wars. He also talks about how CATL compares with South Korea's increasing presence in the global EV industry.
