Microsoft has released urgent security patches for actively exploited vulnerabilities in on-premises SharePoint Server, including a high-severity remote code execution flaw. These updates are crucial to prevent attackers from using chained exploits to compromise organizations such as banks, government agencies, and healthcare institutions. #CVE-2025-53770 #CVE-2025-53771 #SharePointSecurity
Keypoints
- Microsoft released security updates for SharePoint Server vulnerabilities actively exploited in the wild.
- The vulnerabilities include a remote code execution flaw and a spoofing path traversal issue.
- Organizations are advised to apply the latest patches, enable AMSI, and rotate ASP.NET machine keys.
- High-profile targets, including banks and government agencies, are at immediate risk due to active exploitation.
- CISA has added CVE-2025-53770 to its KEV catalog, requiring urgent patching for Federal agencies.
Read More: https://thehackernews.com/2025/07/microsoft-releases-urgent-patch-for.html