Microsoft released emergency security updates after detecting ongoing cyberattacks against SharePoint Server installations. Hackers target the document-sharing platform used by government agencies and corporate organizations across various sectors. The vulnerabilities affect only on-premises SharePoint servers while cloud-based SharePoint Online services remain secure. The Federal Bureau of Investigation confirmed awareness of these attacks and maintains coordination with public and private sector partners.
Remote code execution flaws enable attackers to exploit untrusted data deserialization within affected server versions. The US Cybersecurity and Infrastructure Security Agency designated CVE-2025-53770 as a known exploited vulnerability requiring immediate federal agency remediation. Federal agencies must implement protective measures by July 21, 2025, according to established compliance requirements. Microsoft emphasizes that customers should install security patches immediately and rotate SharePoint server machine keys after applying updates to ensure complete protection against these active threats.
Remote code execution flaws enable attackers to exploit untrusted data deserialization within affected server versions. The US Cybersecurity and Infrastructure Security Agency designated CVE-2025-53770 as a known exploited vulnerability requiring immediate federal agency remediation. Federal agencies must implement protective measures by July 21, 2025, according to established compliance requirements. Microsoft emphasizes that customers should install security patches immediately and rotate SharePoint server machine keys after applying updates to ensure complete protection against these active threats.
