Microsoft Issues Emergency Fix for SharePoint Vulnerability
PorAinvest
martes, 22 de julio de 2025, 1:02 am ET1 min de lectura
MSFT--
The vulnerabilities were initially patched as part of the July Patch Tuesday updates, but threat actors discovered new flaws that bypassed the previous patches. These new flaws have been used to conduct ToolShell attacks on SharePoint servers, impacting over 54 organizations so far [1].
Microsoft has released emergency out-of-band security updates for Microsoft SharePoint Subscription Edition, SharePoint 2019, and SharePoint 2016 to address these vulnerabilities. The updates include more robust protections than the previous patches [1].
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerabilities to its Known Exploited Vulnerabilities catalog, with a "due date" of Monday, July 21, 2025. This means that all federal agencies are legally required to immediately fix the issue [2].
The compromise of SharePoint's internal cryptographic keys is particularly concerning, as it allows attackers to maintain access to victims' systems even after the affected servers are patched. Microsoft has advised organizations to rotate their SharePoint machine keys and investigate any signs of compromise [2].
Researchers at Palo Alto Networks have warned that the hack likely reached thousands of organizations globally, and the exploits are real, in-the-wild, and pose a serious threat [3].
Microsoft has urged users to apply the fix immediately to prevent further attacks, but the company has not yet disclosed how many organizations have been affected [3].
References:
[1] https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/
[2] https://therecord.media/microsoft-sharepoint-zero-day-vulnerability-exploited-globally
[3] https://www.cnbc.com/2025/07/21/microsoft-sharepoint-attack-vulnerability.html
PANW--
Microsoft is releasing an emergency fix to address a vulnerability in SharePoint software that has been exploited by hackers to attack businesses and some federal agencies. The vulnerability allows hackers to gain access to sensitive information and disrupt operations. Microsoft is urging users to apply the fix immediately to prevent further attacks. The company has not yet disclosed how many organizations have been affected.
Microsoft has released emergency security updates to address two zero-day vulnerabilities in its SharePoint software, which have been exploited in global attacks. The vulnerabilities, tracked as CVE-2025-53770 and CVE-2025-53771, were discovered to have been exploited in "ToolShell" attacks, compromising services worldwide [1].The vulnerabilities were initially patched as part of the July Patch Tuesday updates, but threat actors discovered new flaws that bypassed the previous patches. These new flaws have been used to conduct ToolShell attacks on SharePoint servers, impacting over 54 organizations so far [1].
Microsoft has released emergency out-of-band security updates for Microsoft SharePoint Subscription Edition, SharePoint 2019, and SharePoint 2016 to address these vulnerabilities. The updates include more robust protections than the previous patches [1].
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerabilities to its Known Exploited Vulnerabilities catalog, with a "due date" of Monday, July 21, 2025. This means that all federal agencies are legally required to immediately fix the issue [2].
The compromise of SharePoint's internal cryptographic keys is particularly concerning, as it allows attackers to maintain access to victims' systems even after the affected servers are patched. Microsoft has advised organizations to rotate their SharePoint machine keys and investigate any signs of compromise [2].
Researchers at Palo Alto Networks have warned that the hack likely reached thousands of organizations globally, and the exploits are real, in-the-wild, and pose a serious threat [3].
Microsoft has urged users to apply the fix immediately to prevent further attacks, but the company has not yet disclosed how many organizations have been affected [3].
References:
[1] https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/
[2] https://therecord.media/microsoft-sharepoint-zero-day-vulnerability-exploited-globally
[3] https://www.cnbc.com/2025/07/21/microsoft-sharepoint-attack-vulnerability.html
Divulgación editorial y transparencia de la IA: Ainvest News utiliza tecnología avanzada de Modelos de Lenguaje Largo (LLM) para sintetizar y analizar datos de mercado en tiempo real. Para garantizar los más altos estándares de integridad, cada artículo se somete a un riguroso proceso de verificación con participación humana.
Mientras la IA asiste en el procesamiento de datos y la redacción inicial, un miembro editorial profesional de Ainvest revisa, verifica y aprueba de forma independiente todo el contenido para garantizar su precisión y cumplimiento con los estándares editoriales de Ainvest Fintech Inc. Esta supervisión humana está diseñada para mitigar las alucinaciones de la IA y garantizar el contexto financiero.
Advertencia sobre inversiones: Este contenido se proporciona únicamente con fines informativos y no constituye asesoramiento profesional de inversión, legal o financiero. Los mercados conllevan riesgos inherentes. Se recomienda a los usuarios que realicen una investigación independiente o consulten a un asesor financiero certificado antes de tomar cualquier decisión. Ainvest Fintech Inc. se exime de toda responsabilidad por las acciones tomadas con base en esta información. ¿Encontró un error? Reportar un problema
Comentarios
Aún no hay comentarios