Microsoft is releasing an emergency fix to address a vulnerability in SharePoint software that has been exploited by hackers to attack businesses and some federal agencies. The vulnerability allows hackers to gain access to sensitive information and disrupt operations. Microsoft is urging users to apply the fix immediately to prevent further attacks. The company has not yet disclosed how many organizations have been affected.
Microsoft has released emergency security updates to address two zero-day vulnerabilities in its SharePoint software, which have been exploited in global attacks. The vulnerabilities, tracked as CVE-2025-53770 and CVE-2025-53771, were discovered to have been exploited in "ToolShell" attacks, compromising services worldwide [1].
The vulnerabilities were initially patched as part of the July Patch Tuesday updates, but threat actors discovered new flaws that bypassed the previous patches. These new flaws have been used to conduct ToolShell attacks on SharePoint servers, impacting over 54 organizations so far [1].
Microsoft has released emergency out-of-band security updates for Microsoft SharePoint Subscription Edition, SharePoint 2019, and SharePoint 2016 to address these vulnerabilities. The updates include more robust protections than the previous patches [1].
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerabilities to its Known Exploited Vulnerabilities catalog, with a "due date" of Monday, July 21, 2025. This means that all federal agencies are legally required to immediately fix the issue [2].
The compromise of SharePoint's internal cryptographic keys is particularly concerning, as it allows attackers to maintain access to victims' systems even after the affected servers are patched. Microsoft has advised organizations to rotate their SharePoint machine keys and investigate any signs of compromise [2].
Researchers at Palo Alto Networks have warned that the hack likely reached thousands of organizations globally and that the exploits are real, in the wild, and a serious threat [3].
Microsoft has urged users to apply the fix immediately to prevent further attacks, but the company has not yet disclosed how many organizations have been affected [3].
References:
[1] https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/
[2] https://therecord.media/microsoft-sharepoint-zero-day-vulnerability-exploited-globally
[3] https://www.cnbc.com/2025/07/21/microsoft-sharepoint-attack-vulnerability.html