Microsoft is sounding the alarm about “active attacks” on its SharePoint server software, a program used by thousands of government agencies and businesses to share documents within their organizations. The company is urging all customers to install critical security updates immediately.
The FBI has confirmed it is aware of the attacks and is working with its partners to address the threat. According to a report from The Washington Post, this is a “zero-day” attack, meaning the hackers are exploiting a previously unknown security flaw, which makes it particularly dangerous.
The vulnerability enables attackers to conduct “spoofing” attacks. In simple terms, this means a hacker can hide their identity and pose as a trusted person, website, or organization. This type of attack could be used to trick people into divulging sensitive information or even to manipulate financial markets.
Microsoft emphasized that the attacks only affect organizations that run their own SharePoint servers. The popular cloud-based version, SharePoint Online in Microsoft 365, is not affected by this specific vulnerability. The company said it is working closely with the U.S. government’s cybersecurity agency (CISA) and the Department of Defense to manage the situation.
The message to customers is clear and urgent: install the new security updates right away. For any organization that cannot immediately apply the patch, Microsoft’s advice is blunt: disconnect the vulnerable servers from the internet entirely until they can be properly secured.
