Hackers Exploit Security Weaknesses in Microsoft's SharePoint Software, Causing Potential Security Breaches
In a worrying development, government agencies and companies worldwide are under attack due to a newly discovered vulnerability in Microsoft's SharePoint software. The Washington Post reported on this issue based on a manager at IT security firm Palo Alto Networks, while digital security firm Crowdstrike confirmed the severity of the issue.
The vulnerability affects local servers for the SharePoint file-sharing program, potentially allowing data theft and password interception. Microsoft has confirmed the problem and published updates to fix the security gap in a blog post. Companies must immediately take risk mitigation measures and install the patch as soon as it's available, according to Charles Carmakal, chief technology officer of Google's Mandiant security firm.
The identity of those behind the attacks remains unclear initially, but attackers have already gained access to systems of dozens of organizations, both in the private sector and in government. The first signs of the attacks were reported on Friday. The US Cybersecurity and Infrastructure Security Agency (CISA) has called on affected government agencies and companies to act swiftly.
To protect themselves against this vulnerability, companies are advised to apply Microsoft patches promptly, monitor for publicly disclosed vulnerabilities, implement additional security measures, enhance user awareness, use security software and tools, and maintain a secure configuration. Companies using Microsoft SharePoint should also apply the emergency patches for CVE-2025-53770 and CVE-2025-53771, which have been exploited in attacks.
It's advisable to assume a compromise, according to Carmakal, meaning companies should behave as if they were affected by an attack, regardless of whether that's actually the case. Digital keys can be stolen by attackers, which could later provide them with unauthorized access to computer systems with closed security gaps.
Last year, suspected Chinese hackers gained access to emails in some US agencies via a vulnerability in Microsoft software. In the US, servers of two federal agencies were successfully attacked, according to the "Washington Post", but no details were given about which agencies were affected.
The Dutch security firm Eye Security has warned about this issue. By following these recommendations, companies can significantly reduce their exposure to Microsoft-related vulnerabilities and protect their data and systems effectively. It's important to note that SharePoint Online in Microsoft 365 is not affected by this vulnerability.
Economic and social policy discussions should prioritize the need for swift action in addressing the newly discovered vulnerability in Microsoft's SharePoint software, as it poses a significant threat to cybersecurity. This issue, which has already been exploited by attackers, requires immediate attention in the realm of politics and general-news, particularly in relation to the ongoing attacks on government agencies and companies worldwide.
