Microsoft has reported detection of “active attacks” on the SharePoint software, which is widely used by government agencies and companies for internal document exchange. The company recommends that users install security updates immediately. About this informs The Washington Post.
The FBI confirmed that it is aware of the situation and is working with federal agencies and private partners to respond to the incident. Details are not being released at this time. In recent days, hackers have taken advantage of a previously unknown vulnerability, that is, they have carried out a so-called “zero-day attack”. As a result, the infrastructure of tens of thousands of servers, including governmental and international organizations, was compromised.
Microsoft clarified that the attack affects only on-premises versions of SharePoint that are deployed directly in organizations. The cloud version — SharePoint Online as part of Microsoft 365 — remained untouched. According to the company’s statement, the discovered vulnerability allows attackers with access to the system to carry out spoofing – changing the identity on the network, which can lead to the deception of government structures or financial organizations.
The security update is now available for SharePoint Subscription Edition users, and Microsoft strongly recommends that you install it without delay. For versions 2016 and 2019, the corresponding patches are still in development. Those who cannot activate the protection are advised to temporarily disconnect the servers from the Internet until the updates are released.
