Microsoft is responding to a widespread cyberattack targeting its SharePoint server software. The attacks exploit a previously unknown vulnerability, referred to as a zero-day exploit, to compromise systems. This allows attackers to potentially access sensitive data, system files, and configurations, and move across the Windows domain.
The vulnerability impacts self-hosted SharePoint servers, which are used by organisations to share documents and collaborate. Cloud-based SharePoint Online is not affected. Microsoft has released security updates and urges customers to apply them immediately. If updates cannot be applied, disconnecting vulnerable servers from the internet is recommended.
Cybersecurity analysts estimate that approximately 100 organisations have been compromised, including government entities, universities, and businesses. The US Cybersecurity and Infrastructure Security Agency (CISA) is investigating the attack and recommends disconnecting affected servers until patches are applied. The FBI is also working with federal and private sector partners to assess the threat.
Subscribe for Weekly Updates
Stay ahead with our weekly AI and tech briefings, delivered every Tuesday.
