Slashdot: Microsoft Releases Emergency Patches for Actively Exploited SharePoint Zero-Days

Source URL: https://it.slashdot.org/story/25/07/21/1523207/microsoft-releases-emergency-patches-for-actively-exploited-sharepoint-zero-days?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Microsoft Releases Emergency Patches for Actively Exploited SharePoint Zero-Days

Feedly Summary:

AI Summary and Description: Yes

Summary: Microsoft has issued urgent security updates addressing two zero-day vulnerabilities in SharePoint, allowing remote code execution and the theft of private digital keys. With over 10,000 companies at risk, security measures are crucial for administrators to prevent exploitation.

Detailed Description: The information highlights critical security vulnerabilities affecting SharePoint installations, specifically identified as CVE-2025-53770 and CVE-2025-53771. These vulnerabilities, categorized under zero-day exploits, have been actively used in attacks known as “ToolShell.” Their significance is underscored by the direct potential for remote code execution on affected SharePoint servers.

– **Zero-Day Vulnerabilities**: The vulnerabilities in question are zero-day, meaning they are exploited before the vendor (Microsoft) has issued an official patch.
– **Remote Code Execution**: This exploit allows hackers to execute malicious code on compromised servers, bypassing standard authentication measures.
– **Information Theft**: The vulnerabilities enable the theft of private digital keys, which could be used to perform additional attacks, including the installation of malware.
– **Impact Scope**: Reports indicate that more than 10,000 companies are at risk, particularly in markets such as the U.S., Netherlands, U.K., and Canada.
– **Integration Risks**: The exploitation of SharePoint poses risks not only to SharePoint servers but also to associated services like Outlook, Teams, and OneDrive, potentially allowing further network compromise.
– **Manufacturer Guidance**: Microsoft has begun releasing patches for SharePoint 2019 and Subscription Edition but has yet to finalize updates for SharePoint Server 2016. Administrators are urged to implement updates promptly and rotate machine keys to bolster security.

This situation underlines the importance of prompt response and ongoing vigilance in the area of infrastructure security, especially for organizations utilizing SharePoint within their operations. Security and compliance professionals need to act swiftly to mitigate risks associated with these vulnerabilities.