{"id":129921,"date":"2025-07-21T15:14:12","date_gmt":"2025-07-21T15:14:12","guid":{"rendered":"https:\/\/www.secureitworld.com\/?post_type=news-post&#038;p=129921"},"modified":"2025-07-21T15:16:33","modified_gmt":"2025-07-21T15:16:33","slug":"microsoft-sharepoint-vulnerability-hits-globally","status":"publish","type":"news-post","link":"https:\/\/www.secureitworld.com\/news-post\/microsoft-sharepoint-vulnerability-hits-globally\/","title":{"rendered":"Microsoft SharePoint Vulnerability Hits Globally: Affects Government Agencies, Businesses &#038; Universities"},"content":{"rendered":"<p>Microsoft on Sunday announced security patches for an active \u201czero-day\u201d targeting the company\u2019s critical on-premises SharePoint servers used by government agencies, universities, and businesses globally.<\/p>\n<p>The zero-day is tracked as CVE-2025-53770 (CVSS score: 9.8), a variant of CVE-2025-4970 (CVSS score: 8.8). It mainly allows attackers to perform remote code execution and spoofing by exploiting the flaws and incorrect path limitations within the <a href=\"https:\/\/windowsforum.com\/threads\/critical-sharepoint-vulnerability-exploits-highlight-urgent-security-measures-for-on-premises-deployments.374224\/\">SharePoint server<\/a>.<\/p>\n<p>Because it targeted an undiscovered vulnerability, the breach is referred to as a &#8220;zero-day&#8221; attack. Tens of thousands of servers were at risk as a result.<\/p>\n<p>In the alert issued on Sunday, Microsoft stated that the vulnerabilities apply only to SharePoint servers hosted within the organization. It added that SharePoint Online, hosted in a cloud environment within Microsoft 365, remains unaffected.<\/p>\n<p><em>\u201cAnybody who\u2019s got a hosted SharePoint server has got a problem,\u201d <\/em>the senior VP of cybersecurity firm CrowdStrike, Adam Meyer,\u00a0stated. 
\u201c<em>It\u2019s a significant vulnerability<\/em>,\u201d he added.<\/p>\n<p>Currently, the FBI, CISA, and internal partners are working closely with Palo Alto Networks Unit 42 to investigate these breaches, describing them as a high-impact, ongoing threat campaign.<\/p>\n<h2>Steps to Mitigate the Microsoft SharePoint Vulnerability<\/h2>\n<p>The following are some of the steps customers can take to mitigate potential attacks:<\/p>\n<ul>\n<li>Rotate the SharePoint ASP.NET machine keys.<\/li>\n<li>Use the latest versions of SharePoint servers (SharePoint Server 2016, 2019, and SharePoint Subscription Edition).<\/li>\n<li>Install Microsoft Defender or similar threat management software for endpoint security.<\/li>\n<\/ul>\n<p>Here\u2019s what the attackers are doing:<\/p>\n<p>They are primarily bypassing MFA and SSO to gain privileged access and steal sensitive data, cryptographic keys, and more. Over the past five months, they have compromised at least 54 entities, including banks, government agencies, and other organizations.<\/p>\n<p>Attacker access to SharePoint is especially concerning, as it grants control over Microsoft Teams and Outlook, thereby putting the company\u2019s sensitive data at risk.<\/p>\n<h3>How Are Organizations Alerted?<\/h3>\n<p>If you run a SharePoint server, consider the possibility that it has been compromised by this attack. However, patching alone is not a complete solution if breaches have occurred within the past 72 hours. Organizations are being alerted to the attack, which is categorized as a high-priority, high-risk vulnerability. They must apply security patches and take necessary actions accordingly.<\/p>\n<p>According to a warning from the U.S. 
Cybersecurity and Infrastructure Security Agency (CISA), CVE-2025-53770 is being actively exploited to allow arbitrary code execution over the network and unauthenticated access to SharePoint servers.<\/p>\n<p>The attack has affected organizations in the U.S., Canada, Australia, and Europe, reportedly breaching at least two U.S. federal agencies. Indeed, this is another hit to Microsoft\u2019s credibility in the cybersecurity industry. Last year, its negligence allowed Chinese hackers to breach U.S. government emails.<\/p>\n<p>That being said, it\u2019s now time for Microsoft to place a significant focus on its security posture and avoid introducing new vulnerabilities going forward.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft on Sunday announced security patches for an active \u201czero-day\u201d targeting the company\u2019s critical on-premises SharePoint servers used by government agencies, universities, and businesses globally. The zero-day is tracked as CVE-2025-53770 (CVSS score: 9.8), a variant of CVE-2025-4970 (CVSS score: 8.8). 
It mainly allows attackers to perform remote code execution and [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":129922,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","format":"standard","categories":[27],"tags":[283,80,81,10,124,66,51,87,11,363],"class_list":["post-129921","news-post","type-news-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-application-security","tag-cloud-computing","tag-cloud-security","tag-cyber-security","tag-cyber-threat","tag-cyberattacks","tag-cybersecurity","tag-data-protection","tag-it-security","tag-vulnerability-management"],"acf":[],"yoast_head_json":{"title":"Microsoft SharePoint Vulnerability Majorly Exploited","description":"Microsoft SharePoint vulnerability is a massive attack on the on-premises SharePoint server, targeting government agencies, & universities.","og_site_name":"Secure IT World","article_modified_time":"2025-07-21T15:16:33+00:00"}}