Hackers exploited a security flaw in Microsoft SharePoint to breach governments, businesses, and organizations worldwide, stealing sensitive information. Microsoft released a patch for the vulnerability and is working to roll out other fixes. The breach highlights the importance of timely software updates and cybersecurity measures to protect against cyber threats.
Microsoft has released emergency security patches for two zero-day vulnerabilities in Microsoft SharePoint, following a series of high-profile cyberattacks. The vulnerabilities, tracked as CVE-2025-53770 and CVE-2025-53771, were exploited in "ToolShell" attacks, which allowed hackers to achieve remote code execution [1].
The attacks, which have impacted over 54 organizations worldwide, were first identified during the Berlin Pwn2Own hacking contest in May [1]. Microsoft initially patched the vulnerabilities as part of the July Patch Tuesday updates, but threat actors discovered two new zero-day flaws that bypassed these patches. The emergency updates released by Microsoft address these flaws and include more robust protections than the previous patches [1].
Microsoft SharePoint admins are advised to install the following updates immediately, depending on the version:
- KB5002754 update for Microsoft SharePoint Server 2019 Core and KB5002753 for the Microsoft SharePoint Server 2019 Language Pack.
- KB5002760 update for Microsoft SharePoint Enterprise Server 2016 and KB5002759 for the Microsoft SharePoint Enterprise Server 2016 Language Pack.
- KB5002768 update for Microsoft SharePoint Subscription Edition [1].
After installing the updates, Microsoft urges admins to rotate the SharePoint machine keys and analyze their logs and file systems for signs of malicious activity. The company has shared a Microsoft 365 Defender query to help identify compromised servers [1].
The breach highlights the importance of timely software updates and robust cybersecurity measures to protect against cyber threats. It also underscores the need for organizations to stay vigilant and proactive in their cybersecurity efforts.
References:
[1] https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/
[2] https://www.bostonglobe.com/2025/07/21/business/microsoft-sharepoint-cybersecurity-chinese-hackers-gina-raimondo/
[3] https://www.lathamreg.com/2025/07/cybersecurity-regulation-in-flux-as-trump-administration-focuses-on-evolving-foreign-and-tech-threats/