Microsoft has published emergency security patches to protect users from zero-day vulnerabilities affecting SharePoint Work Management software, the company said on its website. The vulnerabilities, which have led to spoofing attacks that steal sensitive data and passwords, have affected governments, businesses and universities around the world.
“Microsoft is aware of aggressive attacks targeting on-premises SharePoint Server customers by leveraging vulnerabilities partially addressed in the July security update,” the company said in a blog post published Sunday.
The vulnerability affects SharePoint software that operates on-premises, not SharePoint 365 versions running in the cloud, Microsoft said. The patches released by Microsoft are cumulative and are directed towards SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Server 2016.
The vulnerabilities labeled CVE-2025-53770 and CVE-2025-53771 were published in a Saturday blog post by Netherlands-based Eye Security.
The company calls the vulnerability a “large-scale use of new SharePoint remote code execution,” and, based on its analysis, wrote that by Saturday dozens of systems had been actively at risk and that there had been four attacks.

Excerpts from Eye Security’s Saturday report. Source: Eye Security
According to the Cybersecurity and Infrastructure Security Agency (CISA), the chain used in the attacks enables malicious actors to access SharePoint content, such as file systems and internal configurations, while also allowing code to run on the network.
Microsoft SharePoint Statistics and Other MS Vulnerabilities
More than 200,000 organizations and 190 million people use the software for content management, team sites and intranets, according to Microsoft’s SharePoint product page. However, these statistics may include users of the cloud-based version of SharePoint as well as users of the on-premises version affected by the vulnerability.
The company has taken heat in the past for security lapses. These issues include vulnerabilities in Windows 10 introduced by security updates, as well as events similar to issues affecting some SharePoint users.
In 2024, Microsoft faced scrutiny from the US Congress over a series of security vulnerabilities that put federal employees’ email accounts at risk.