Microsoft (MSFT) has scaled back Chinese companies’ access to its early warning system for cybersecurity flaws. The change follows a wave of hacking attacks that hit Microsoft SharePoint servers in July. Investigators believe the hackers used details from Microsoft’s own partner program to fuel the attacks.

Elevate Your Investing Strategy:

• Take advantage of TipRanks Premium at 50% off! Unlock powerful investing tools, advanced data, and expert analyst insights to help you invest with confidence.

The program in question is called the Microsoft Active Protections Program, or MAPP. For 17 years, MAPP has given select security firms a head start by sharing details of software flaws before they are made public. The idea is that defenders can prepare in time. However, Microsoft saw a problem when some Chinese members of the program appeared linked to a sudden surge in attacks. The company says several firms will no longer receive proof-of-concept code, which is a sample that shows how a real exploit could work. Such code can help defenders patch fast, but it can also be misused by attackers.

What sparked the investigation was the timeline; Microsoft had told partners about SharePoint issues on June 24, July 3, and July 7. That last date is also when the first attacks were seen in the wild. Security experts said this suggested a leak inside the program. The attacks later spread to more than 400 groups, including U.S. government agencies such as the Department of Homeland Security and the Department of Education.

Track Record of Leaks

This is not the first time Chinese firms in MAPP have been flagged. In 2012, one company was removed after leaking code. In 2021, Microsoft suspected that leaks tied to Exchange server flaws gave rise to a global spying campaign by a group called Hafnium. This repeated pattern shows the risks of providing early access in countries where companies must report such flaws to the state.

Other major U.S. tech firms have taken different paths in China. Google (GOOG) left the market in 2010 after a major hacking case known as Operation Aurora. In that case, attackers broke into Google and other Silicon Valley firms to steal source code and spy on users. After that, Google stopped sharing sensitive data with Chinese partners and chose to run its Project Zero unit with open, global rules.

Apple (AAPL), on the other hand, still relies heavily on China for both sales and production. The company reports flaws through standard channels but has avoided programs like MAPP that share proof-of-concept code. Critics point out that Apple still complies with local rules, such as moving iCloud data for Chinese users to servers run by a state partner. Cisco (CSCO) has also kept a distance, relying on broad security notices rather than selective early sharing.

Is Microsoft Stock a Buy, Hold, or Sell?

Microsoft has the full backing of The Street’s analysts, with 32 out of 33 rating it a Buy, culminating in a Strong Buy consensus. The average MSFT stock price target stands at $624.08, implying a 23.40% upside from the current price.

See more MSFT analyst ratings

Last Words for the Investors

The change shows how Microsoft is moving closer to the model used by peers. Global cyber risk is now a core factor for large tech firms, and the way each one handles data sharing can affect trust with clients, regulators, and markets.

Disclaimer & DisclosureReport an Issue