Microsoft warns of active cyberattacks exploiting a zero-day vulnerability (CVE-2025-53770/71) targeting on-premises SharePoint servers used by government and businesses. The attacks do not affect SharePoint Online, but urgent updates and mitigation steps are crucial to protect vulnerable systems. #SharePointServers #ZeroDayVulnerability
Keypoints
- Cyberattacks are targeting on-premises SharePoint servers through a zero-day flaw.
- Microsoft has released security updates for SharePoint Server 2019 and Enterprise Server 2016.
- Organizations are advised to apply updates, enable AMSI, and rotate machine keys immediately.
- The FBI and CISA are collaborating to investigate and mitigate the active exploitation.
- SharePoint Online remains unaffected by the current attacks.
Read More: https://thecyberexpress.com/zero-day-vulnerability-microsoft-sharepoint/