Microsoft has issued an urgent warning regarding active cyberattacks targeting its SharePoint server software, widely used by government agencies and businesses for internal document sharing. The attacks exploit a previously unknown "zero-day" vulnerability, prompting immediate calls for security updates to mitigate the risk to tens of thousands of servers.
Microsoft issues urgent zero-day alert for SharePoint servers
Microsoft has alerted organisations to ongoing "active attacks" exploiting a critical vulnerability in its on-premise SharePoint server software. This flaw allows an unauthorised attacker to perform spoofing over a network, potentially enabling them to manipulate systems by appearing as a trusted entity. The attacks are classified as "zero-day" because they target a previously undiscovered vulnerability.
Key takeaways
- Targeted software: On-premise SharePoint servers used by government agencies and businesses for internal document sharing.
- Vulnerability type: A "zero-day" flaw allowing spoofing attacks.
- Impact: Tens of thousands of servers are at risk.
- Cloud status: SharePoint Online in Microsoft 365 (cloud-based) is not affected.
- Recommendations: Immediate installation of security updates; disconnection from the internet if updates cannot be applied.
Coordinated response and FBI involvement
Microsoft is coordinating closely with global cybersecurity partners, including the Cybersecurity and Infrastructure Security Agency (CISA) and the US Department of Defence Cyber Defence Command, in its response. The FBI has confirmed its awareness of the attacks and is working with federal and private-sector partners, though no further details have been provided.
Immediate action required
Microsoft has released security updates and strongly urges all affected customers to install them without delay. For organisations unable to implement the recommended malware protection or security updates immediately, Microsoft advises disconnecting their SharePoint servers from the internet until the necessary patches can be applied. Updates are currently being developed for SharePoint 2016 and 2019 versions.
