New Delhi, July 21 After noticing “active attacks” on server software that businesses and government agencies use to share documents within their organizations, tech giant Microsoft has released an urgent security patch.
Microsoft claims that only SharePoint servers used by businesses are susceptible to the flaws. The organization reported that the attacks did not affect cloud-based SharePoint Online in Microsoft 365.
In a security advisory, the tech giant stated, “Microsoft is aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update.”
The business advised clients to install security updates right away.
Additionally, the US FBI stated that it is closely collaborating with its federal and private-sector partners and is aware of the attacks.
The vulnerability pertains to an instance of remote code execution that occurs when untrusted data is deserialized in Microsoft SharePoint Server on-premise versions.
Microsoft stated that the previously published content is accurate and that it has no bearing on the company’s customer guidance.
Microsoft stated that “it is critical that customers rotate SharePoint server ASP.NET machine keys and restart IIS on all SharePoint servers after applying the latest security updates above or enabling AMSI.”
It further stated, “After installing the latest security update, you will need to rotate your keys if you are unable to enable AMSI.”
The “CVE-2025-53770” vulnerability has been added to the US Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog. Federal Civilian Executive Branch (FCEB) agencies must implement the fixes by July 21, 2025.
Microsoft has published security updates that completely shield users of SharePoint 2019 and SharePoint Subscription Edition from the threats presented by CVE-2025-53770 and CVE-2025-53771. In its security update, the company advised customers to install these updates right away to make sure they were protected.
Source – sarkaritel.com
For more news visit our site: Click here
