Microsoft is issuing an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched, Bloomberg News reported on Friday.

Investors are desensitized to cyberattacks and have other issues on their mind ahead of Microsoft’s earnings report next week, analysts say.

Victims of the recent global hacking campaign include the National Institutes of Health and the National Nuclear Security Administration, officials said.

Federal cybersecurity officials have issued a warning to Microsoft users about a security flaw allowing hackers to access to certain SharePoint systems.

Microsoft contained a major SharePoint security flaw, amid fresh questions about the future of its legacy on-premises software.

Microsoft has released security patches for the zero-day vulnerability chain dubbed ToolShell, capable of remote code execution on SharePoint, resulting in the exploitation of at least 54 organizations worldwide.

While organizations may have a variety of reasons for sticking with on-premises Microsoft SharePoint servers, widespread attacks targeting the servers are grounds to “re-do their risk calculus” and newly explore cloud-based options,