SharePoint Servers Under Cyberattack

SharePoint Servers Under Cyberattack

22 July 2025

Microsoft is responding to a widespread cyberattack targeting its SharePoint server software. The attacks exploit a previously unknown vulnerability, referred to as a zero-day exploit, to compromise systems. This allows attackers to potentially access sensitive data, system files, and configurations, and move across the Windows domain.

The vulnerability impacts self-hosted SharePoint servers, which are used by organisations to share documents and collaborate. Cloud-based SharePoint Online is not affected. Microsoft has released security updates and urges customers to apply them immediately. If updates cannot be applied, disconnecting vulnerable servers from the internet is recommended.

Cybersecurity analysts estimate that approximately 100 organisations have been compromised, including government entities, universities, and businesses. The US Cybersecurity and Infrastructure Security Agency (CISA) is investigating the attack and recommends disconnecting affected servers until patches are applied. The FBI is also working with federal and private sector partners to assess the threat.

AI generated content may differ from the original.

Published on 21 July 2025
microsoftcybersecuritysharepointzerodayexploit
  • SharePoint Under Active Attack

    SharePoint Under Active Attack

    Read more about SharePoint Under Active Attack
  • Microsoft Server Software Under Attack

    Microsoft Server Software Under Attack

    Read more about Microsoft Server Software Under Attack
  • Microsoft Halts China-Based Engineering

    Microsoft Halts China-Based Engineering

    Read more about Microsoft Halts China-Based Engineering
  • AI Uncovers Zero-Day Exploit

    AI Uncovers Zero-Day Exploit

    Read more about AI Uncovers Zero-Day Exploit
SharePoint Servers Under Cyberattack