Critical Server Flaw Under Attack: Microsoft Urges Immediate Patching to Stop Ongoing Exploits
Microsoft warns of active cyberattacks exploiting a zero-day flaw in on-premises SharePoint servers, urging immediate patching to prevent spoofing and protect sensitive government and corporate data.

Microsoft has issued a significant cybersecurity alert, warning of ongoing "active attacks" on SharePoint servers used by government agencies and business organisations. These servers, which are frequently used for sharing internal documents and data, are now being exploited by attackers through a newly identified vulnerability.
The company stated that the attacks are specifically targeting on-premises SharePoint systems, which are servers that organisations operate and manage themselves. The cloud-based SharePoint Online, which is part of Microsoft 365, is unaffected.
According to The Washington Post, attackers exploited a "zero-day vulnerability" (a vulnerability that was unknown before the attack), making the situation much more harmful. Because no solution was available at the time of the attack, the risk to thousands of servers worldwide increased significantly.
The vulnerability in question allows an authorised attacker to conduct a spoofing attack over a network. In simple terms, the attacker might impersonate an actual user or system to get access and perform damaging acts while remaining undiscovered.
Microsoft has already released a security fix for the SharePoint Subscription Edition and highly recommends that all users apply it as soon as possible. Microsoft is still working on security patches for previous versions of SharePoint, such as 2016 and 2019. In the meantime, if patching is not possible, the company recommends temporarily disconnecting vulnerable servers from the internet to avoid additional risk.
In today's quickly changing cyber environment, this is simply another reminder that regular upgrades and strong server security are no longer optional—they are required to protect sensitive data from sophisticated attackers.
This article is based on information from The Mint