Microsoft has issued an urgent warning for SharePoint Server customers about a zero-day vulnerability (CVE-2025-53770) actively exploited by threat actors. Immediate mitigation actions are recommended as a patch is still in development, with attacks risking data exfiltration and persistent access. #CVE-2025-53770 #SharePointVulnerability
Keypoints
- Microsoft warns of active exploitation of the zero-day vulnerability in SharePoint Server.
- No patch is available yet, but mitigation steps are advised to protect affected systems.
- Threat actors are exploiting the flaw to install webshells and exfiltrate cryptographic secrets.
- Security experts observe dozens of systems already compromised since mid-July.
- Organizations should implement detection, mitigation, and prepare for a future security update.