The change follows a ProPublica report that outlined how Microsoft’s use of Chinese engineers left U.S. defense clients vulnerable to cybersecurity risks.

Good morning. Microsoft says Chinese hackers exploited flaws in its software. Meme stock fever is spreading like it’s 2021. And heavy metal icon Ozzy Osbourne dies at age 76. Listen to the day’s top stories.

Microsoft recently patched two major flaws in SharePoint on-prem instances, but the effects could be long-lasting.

Chinese "threat actors" have hacked some Microsoft SharePoint servers and targeted the data of the businesses using them, the firm has said.

A U.S. lawmaker on Thursday pressed the U.S. Defense Department for further details on what information the U.S. military shared with Chinese engineers as part of a cloud computing services contract with Microsoft.

Last year, the Department of Homeland Security released a scathing report detailing Microsoft’s mistakes during a 2023 hack in which China stole thousands of emails from top government officials. Two years before that, China-linked cyberattackers compromised more than 250,000 Microsoft Exchange servers.

A series of cyberattacks targeting Microsoft collaboration software, specifically SharePoint, have been linked to Chinese hackers and threat actors.

Following criticism of the company’s use of Chinese workers to advise on operation of Department of Defense cloud systems, Microsoft has changed its policy.