GOLD/FOREX
DUBAI 42°C
PRAYER TIMES
TECHNOLOGY
TECHNOLOGY
Technology /
Companies

Microsoft’s SharePoint servers comes under widespread cyberattack — urgent fix released

Company issues urgent security patch after ‘active attacks’ on document-sharing software

Last updated:
Balaram Menon, Senior Web Editor
2 MIN READ
Microsoft’s SharePoint servers comes under widespread cyberattack — urgent fix released

Tech giant Microsoft has released an emergency security update following reports of "active attacks" targeting its SharePoint server software used by government bodies and businesses for internal document sharing.

The company confirmed that the vulnerabilities affect only on-premises SharePoint servers. Microsoft 365's cloud-based SharePoint Online remains unaffected.

The attacks reportedly exploit a remote code execution vulnerability linked to the deserialisation of untrusted data.

 “Microsoft is aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update,” the company said in a security advisory. It urged organisations to apply the latest patches without delay.

The United States Federal Bureau of Investigation (FBI) has acknowledged the attacks and is coordinating closely with federal and private-sector partners.

In response, the US Cybersecurity and Infrastructure Security Agency (CISA) has added the flaw — identified as CVE-2025-53770 — to its Known Exploited Vulnerabilities (KEV) catalogue. It has mandated all Federal Civilian Executive Branch (FCEB) agencies to implement the necessary fixes by 21 July 2025.

Microsoft clarified that while some initial documentation contained inconsistencies, the published guidance remains valid and effective.

The company further advised users to rotate SharePoint server ASP.NET machine keys and restart the IIS service after applying the updates. Those unable to enable the Antimalware Scan Interface (AMSI) must rotate their keys post-update installation.

“Microsoft has released security updates that fully protect customers using SharePoint Subscription Edition and SharePoint 2019 against the risks posed by CVE-2025-53770 and CVE-2025-53771. Customers should apply these updates immediately to ensure they’re protected,” the company said.

The situation highlights growing concerns over vulnerabilities in widely used enterprise software and the need for prompt cyber hygiene across public and private sectors.

With inputs from agencies

Balaram Menon
Balaram MenonSenior Web Editor
Balaram brings more than two decades of experience in the media industry, combining sharp editorial judgment with a deep understanding of digital news dynamics. Since 2004, he has been a core member of the gulfnews.com digital team, playing a key role in shaping its identity. Passionate about current affairs, politics, cricket, entertainment, and viral content, Balaram thrives on stories that spark conversation. His strength lies in adapting to the fast-changing news landscape and curating compelling content that resonates with readers.
Show More
Related Topics:
technology

Sign up for the Daily Briefing

Get the latest news and updates straight to your inbox

Up Next

Related Stories

Emails have a way of swamping you - even before the real work starts. Let AI help cut out the mundane tasks.

AI is out to lend a hand with your daily work

3m read
Foomscrolling makes one believe that AI is replacing human professionals - an impoverished view of who we humans are.

UAE’s vision: An AI-powered human workforce

4m read
Meanwhile, Bill Gates, who stepped down from the board of Microsoft in 2020, spends 10% of his time working with teams at the software firm, including those at OpenAI, which Microsoft has backed. Gates is also boosting spending by the Gates Foundation, which he co-chairs with his ex-wife, Melinda French Gates.

Bill Gates drops from Top 10 rich list: Here's why

3m read
Iphone 16 Pro Max phones are seen on display at an Apple store in the Huangpu district in Shanghai, on June 23, 2025.

Is Apple still losing AI ground to Google, Microsoft?

3m read