Microsoft has issued a critical security alert concerning active cyberattacks targeting on-premises SharePoint server software, widely utilized by government agencies and enterprises for internal document collaboration. The company is urging customers to apply available patches without delay to mitigate the risk of exploitation.
In an advisory published Saturday, Microsoft confirmed that the ongoing attacks exploit a vulnerability specific to on-premises versions of SharePoint. Cloud-based offerings, including SharePoint Online as part of Microsoft 365, remain unaffected. The flaw is a spoofing vulnerability that allows an authenticated attacker to impersonate trusted sources over a network, potentially facilitating unauthorized data access or manipulation.
The breach, first reported by The Washington Post, involves a zero-day exploit—indicating that the vulnerability was previously unknown and unpatched at the time of discovery. The report noted that the exploit has already been used to target multiple U.S. and international government and business entities. Cybersecurity experts warn that tens of thousands of servers could be vulnerable.
The Federal Bureau of Investigation (FBI) acknowledged the threat in a statement on Sunday, saying that it is actively monitoring the situation and coordinating efforts with other federal agencies and private sector partners. However, it declined to provide further specifics regarding the nature or source of the attacks.
In response, Microsoft has released an immediate security update for SharePoint Subscription Edition and is currently developing patches for SharePoint Server 2016 and 2019. The company advised organizations unable to deploy the required security updates to temporarily disconnect affected servers from the internet to prevent potential breaches.
Microsoft has yet to disclose further technical details or attribution regarding the origin of the cyberattacks.