Just a week after Microsoft acknowledged that it failed to fully close two critical SharePoint bugs with its July software updates, researchers revealed how attackers might have gained an early advantage. By digging into exploit timelines and insider accounts, researchers now believe a leak or perhaps AI-assisted reverse engineering enabled malicious actors to deploy the zero‑day attack before Microsoft’s patch rollout.
It started in May, at the security competition Pwn2Own in Berlin. On May 15, Vietnamese researcher Dinh Ho Anh Khoa demonstrated a working exploit targeting SharePoint by chaining an authentication bypass with an insecure deserialization bug. Following that demonstration, Microsoft received a detailed white paper and triggered its standard 90‑day patch process. That schedule placed the planned Patch Tuesday update in mid‑July.
Microsoft's MAPP program, however, gives select security vendors access to vulnerability details about 14 days before a patch is released. On June 24, those vendors signed confidentiality agreements to review the flaws. Less than two weeks later, on July 7, attackers began exploiting the vulnerability chain. Microsoft publicly issued fixes for CVE‑2025‑49704 and CVE‑2025‑49706 on July 8—but cybercriminal groups quickly found ways to bypass them.
Trend Micro’s Dustin Childs indicates that the initial patch was too narrow and trivial to bypass. He notes that “a leak happened somewhere” between private disclosure and the patch, giving adversaries enough information to craft working exploits. ZDI and its partners confirmed that the initial authentication mitigation was insufficient and that attackers could circumvent it immediately.
Further complicating the picture, Tenable researcher Satnam Narang suggests attackers may have reverse‑engineered the vulnerability themselves. They could have used advanced AI tools—such as Google Gemini or OpenAI’s frontier models—to help map the exploit logic, much as security researchers had. Regardless of the method, the zero‑day was live in the wild before Microsoft’s fix even landed.
By mid‑July, Microsoft warned that its earlier fixes were incomplete and released critical updates for all affected SharePoint versions. Unfortunately, more than 400 organizations—including government, education, and enterprise entities—suffered compromises. Microsoft now acknowledges that state‑sponsored groups and ransomware gangs exploited those vulnerabilities.
This incident raises deeper questions about vulnerability disclosure. If trusted disclosure programs leaked the information—or if AI rebuilt exploits from shared details—Microsoft and vendors may need to rethink how they distribute early access and validate patches before public release. The challenge of protecting pre‑patch windows just got more urgent—and more complex.