Emergency Fix Released: Microsoft Battles Zero-Day Vulnerability in SharePoint
Microsoft has issued an emergency fix for SharePoint software due to a zero-day vulnerability. Hackers exploited this flaw, affecting businesses and possibly U.S. government agencies. Known as 'ToolShell,' the exploit risks exposing all on-prem SharePoint servers to attacks. Urgent patching and disconnection from the internet are recommended.
In a swift response to a serious security breach, Microsoft has rolled out an emergency fix to address a vulnerability in its SharePoint software, heavily utilized by businesses and U.S. government agencies. Reports indicate that hackers have leveraged this flaw in a wave of attacks.
The tech giant acknowledged the zero-day exploit, releasing guidelines to rectify the issue for SharePoint Server 2019 and SharePoint Server Subscription Edition users, though a solution for the older SharePoint Server 2016 is still in progress. 'SharePoint poses a significant risk to users,' said Adam Meyers of CrowdStrike, highlighting the widespread reliance on the software for document management and collaboration.
The Cybersecurity and Infrastructure Security Agency (CISA) identified the issue as a variant of CVE-2025-49706, emphasizing the risk to on-premise servers. Security teams globally are urged to implement patches immediately, disconnect systems from the internet, and seek professional incident response to thwart potential damages by the 'ToolShell' exploit.
(With inputs from agencies.)
- READ MORE ON:
- Microsoft
- SharePoint
- vulnerability
- cyberattack
- zero-day
- security
- patching
- CISA
- ToolShell
- exploit
ALSO READ
Bangladesh's Electoral Security Crisis: Election Commission Demands Protection Amid Rising Tensions
Insider Attack in Palmyra: Security Officer Strikes
Increased Security Sparks Speculation Around Shivraj Singh Chouhan's Political Future
Mumbai Gears Up for Lionel Messi's Visit with World-Class Security
Fortifying India's Power Grid: Cybersecurity Takes Center Stage
Google News