Ellen Nakashima, Yvonne Wingett Sanchez, and Joseph Menn report:
Hackers exploited a major security flaw in widely used Microsoft server software to launch a global attack on government agencies and businesses in the past few days, breaching U.S. federal and state agencies, universities, energy companies and an Asian telecommunications company, according to state officials and private researchers.
The U.S. government and partners in Canada and Australia are investigating the compromise of SharePoint servers, which provide a platform for sharing and managing documents. Tens of thousands of such servers are at risk, experts said, and Microsoft has issued no patch for the flaw, leaving victims around the world scrambling to respond.
The “zero-day” attack, so called because it targeted a previously unknown vulnerability, is only the latest cybersecurity embarrassment for Microsoft.
Read more from the Washington Post at MSN.