by Mighva Verma - 1 week ago
A growing cybersecurity rift between China and the U.S. has erupted into the open, as Beijing accuses Washington of hijacking a Microsoft email server vulnerability to infiltrate Chinese military networks. The allegation isn’t just about technical exploits; it’s a flashpoint in the broader battle for digital dominance.
According to China’s Ministry of State Security, American intelligence agencies leveraged a zero-day flaw in Microsoft’s Exchange Server software to conduct a "systematic cyberattack" targeting its military and government institutions. The breach, they claim, was not incidental; it was deliberate and calculated, reportedly compromising internal communications and sensitive data.
This isn’t the first time this Exchange Server vulnerability has made headlines. The same flaw was part of a major global exploit in 2021. But China’s claims go further: they assert that the U.S. conducted "tens of thousands of malicious cyber activities" against Chinese entities last year alone, painting Washington as the aggressor in an ongoing cyber cold war.
The U.S. has not responded directly to the latest claims, but the backdrop is familiar. American officials have previously accused China of state-backed hacking, especially through groups like Hafnium, which was tied to earlier Exchange Server intrusions. This time, the tables have turned. China is accusing the U.S. of the same tactics it has long denied.
A report by straitstimes.com adds that China is demanding accountability not just from the U.S. but also from Microsoft, citing the tech giant’s "failure to promptly patch critical vulnerabilities" as a security risk to global infrastructure. The report emphasizes growing international concerns over the private sector’s role in geopolitical cyber conflicts.
What makes the situation more volatile is the lack of public forensic evidence. While Beijing asserts the cyberattacks are backed by state-level resources, it has yet to release detailed indicators of compromise (IOCs) or attribution data. That ambiguity leaves the global security community split.
As both nations invest heavily in offensive cyber capabilities, this latest incident underscores how vulnerabilities in commercial software can be weaponized in geopolitical conflicts.