Microsoft is responding to a widespread cyberattack targeting its SharePoint server software. The attacks exploit a previously unknown vulnerability, referred to as a zero-day exploit, to compromise systems. This allows attackers to potentially access sensitive data, system files, and configurations, and move across the Windows domain.
The vulnerability impacts self-hosted SharePoint servers, which are used by organisations to share documents and collaborate. Cloud-based SharePoint Online is not affected. Microsoft has released security updates and urges customers to apply them immediately. If updates cannot be applied, disconnecting vulnerable servers from the internet is recommended.
Cybersecurity analysts estimate that approximately 100 organisations have been compromised, including government entities, universities, and businesses. The US Cybersecurity and Infrastructure Security Agency (CISA) is investigating the attack and recommends disconnecting affected servers until patches are applied. The FBI is also working with federal and private sector partners to assess the threat.
Related Articles
SharePoint Under Active Attack
Read more about SharePoint Under Active Attack →Microsoft Server Software Under Attack
Read more about Microsoft Server Software Under Attack →Microsoft Halts China-Based Engineering
Read more about Microsoft Halts China-Based Engineering →AI Uncovers Zero-Day Exploit
Read more about AI Uncovers Zero-Day Exploit →