Microsoft has raised an alert regarding “active attacks” targeting server software utilized by government agencies and businesses for document sharing within organizations. The company has recommended that clients install security updates without delay.
On Sunday, the FBI confirmed its awareness of the attacks and stated it is collaborating closely with federal and private sector partners, but did not share additional information.
In an alert released on Saturday, Microsoft specified that the vulnerabilities affect only SharePoint servers used internally. It clarified that SharePoint Online in Microsoft 365, hosted in the cloud, was not impacted by these attacks.
The Washington Post, which initially reported on the breaches, revealed that unidentified attackers had exploited a vulnerability over the past few days to target both U.S. and international agencies and businesses.
This breach is classified as a “zero-day” attack since it leverages a previously unknown security flaw, according to experts cited by the newspaper. The risk potentially affects tens of thousands of servers.
Microsoft did not provide an immediate response to a request for comment.
In its alert, Microsoft reported that one vulnerability “allows an authorized attacker to conduct spoofing across a network.” The company provided recommendations for preventing exploitation of this kind.
In a spoofing attack, the perpetrator disguises their identity and poses as a trustworthy individual, company, or website in order to manipulate financial markets or organizations.
On Sunday, Microsoft announced the release of a security update for SharePoint Subscription Edition, urging users to apply it promptly.
The company is also preparing updates for the 2016 and 2019 versions of SharePoint. If users are unable to implement the recommended malware protection, Microsoft advises them to disconnect their servers from the internet until a security update becomes available.