The US federal government and cyber security researchers say that the recently found safety error in Microsoft SharePoint is the target of an attack.
US cyber security agency CISA sounded like alarm this weekend that hackers actively used the mistake. Microsoft has not yet offered repairs to all influencing SharePoint versions, leaving customers around the world, which are largely unable to defend the ongoing intrusion.
Microsoft said that the error is officially known as the name CVE-2025-53770influences SharePoint versions set up and dominated by companies. SharePoint lets companies save, share and manage their internal files.
Microsoft said he was working on security repairs to prevent hackers from exploiting vulnerability. An error described on the “zero day” because the seller was not given the time to correct the error until it was aware of the software versions as old as SharePoint Server 2016.
It is not yet known how many servers have been compromised so far, but small and medium -sized enterprises relying on the software are probably thousands and medium -sized companies. By Washington PostSeveral US federal agencies, universities and energy companies have already been violated.
Eye safety that first revealed an error On Saturday, it was said that it found “dozens” actively utilized Microsoft SharePoint servers at the time of release. Fault when used, allow hackers to steal private digital keys from SharePoint servers without needing login information. When hackers can distance planting malware and access to the recorded files and data. Eye security warned that SharePoint is associated with other applications such as Outlook, teams and OneDrive, which can enable online theft and data theft.
Eye security said that the fault includes the theft of the digital keys that can be used to imitate the legal requests of the server, the customers concerned must, and repair the fault and perform additional steps to rotate the digital keys to prevent hackers from restoring the server.
CISA and others have urged customers to “take immediate recommended measures”. In the absence of patch or mitigation, customers should consider removing potential impact systems from the Internet.
“If you have a SharePoint (on -site) to the Internet, you should assume that you are endangered at this point,” said Michael Sikorski, Director of Palo Alto Networks Threat Inquiry, by email to Techcrunch.
Also, it is not yet known who will be attacking on SharePoint servers, but it is the latest in the network of information network, which will target Microsoft customers in recent years.
In 2021, a Chinese hacking group called Hafnium was asked to take advantage of the vulnerability found in the Microsoft Exchange email servers by themselves, allowing for mass filtering and contact information for e-mail and contact information around the world. Hackers jeopardized more than 60,000 servers, accusing the recent Ministry of Justice, accusing two Chinese citizens of the Prime Minister of the operation.
Two years later, Microsoft confirmed the cyber attack in its cloud systems, which it directs directly, allowing Chinese hackers to steal a sensitive email signatory key that allows access to both consumer and corporate messages that the company hosts.
Microsoft has also announced repeated invasion of hackers related to the Russian government.
Do you know more about SharePoint Kyber attacks? Are you a customer? Contact this reporter via a encrypted message at zackwhittaker.1337 signal.
The earlier version of this story stated the incorrect CVE number; The story has been changed to correct vulnerability, CVE-2015-53770.
