Trending Now

21/07/2025
  1. Home
  2. Business
  3. Microsoft issues urgent security patch after ‘active attacks’ on document-sharing software

Has Microsoft Issued an Urgent Security Patch After ‘Active Attacks’ on Document-Sharing Software?

By NationPress 21/07/2025
Click to start listening
Has Microsoft Issued an Urgent Security Patch After ‘Active Attacks’ on Document-Sharing Software?

Synopsis

Microsoft has announced an urgent security patch due to active attacks on SharePoint servers. This critical update is essential for organizations using this software for document sharing. Stay informed to protect your data!

Key Takeaways

  • Microsoft has issued an urgent security patch for SharePoint servers.
  • Active attacks are targeting on-premises SharePoint Server customers.
  • Cloud-based SharePoint Online remains unaffected.
  • Organizations must rotate machine keys and restart IIS after updates.
  • Federal agencies have a deadline to apply necessary fixes.

New Delhi, July 21 (NationPress) The tech powerhouse Microsoft has rolled out an urgent security patch following reports of active attacks against server software utilized by government entities and businesses for document sharing within their organizations.

Microsoft has indicated that the vulnerabilities are specific to SharePoint servers operating within organizations. The cloud-based SharePoint Online as part of Microsoft 365 remains unaffected by the ongoing attacks, the company stated.

“Microsoft has detected active attacks aimed at on-premises SharePoint Server clients, which exploit vulnerabilities only partially addressed by the July Security Update,” the tech company revealed in its security advisory.

The company has urged customers to implement the recommended security updates without delay.

The FBI has also acknowledged awareness of these attacks and is collaborating closely with both federal and private-sector partners.

This vulnerability is linked to a scenario of remote code execution resulting from the deserialization of untrusted data in on-premises versions of Microsoft SharePoint Server.

Microsoft confirmed that the information released is accurate, and any previous inconsistencies do not alter the advice provided to customers.

“After applying the latest security updates or enabling AMSI, it is vital for customers to rotate SharePoint server ASP.NET machine keys and restart IIS on all SharePoint servers,” Microsoft advised.

“If AMSI cannot be enabled, rotating your keys is necessary after installing the new security update,” it added.

The CISA has included the ‘CVE-2025-53770’ vulnerability in its Known Exploited Vulnerabilities (KEV) catalog, mandating that Federal Civilian Executive Branch (FCEB) agencies apply the necessary fixes by July 21, 2025.

“Microsoft has introduced security updates that provide complete protection for customers using SharePoint Subscription Edition and SharePoint 2019 against the threats posed by CVE-2025-53770 and CVE-2025-53771. Customers are encouraged to implement these updates immediately to ensure their safety,” the company stated in its security announcement.

Point of View

It is imperative to highlight the significance of immediate action regarding security vulnerabilities. Microsoft's timely alert serves as a crucial reminder for organizations to remain vigilant and proactive in safeguarding sensitive information. The ongoing collaboration between federal agencies and the private sector underscores the collective responsibility in combating cyber threats.
NationPress
21/07/2025

Frequently Asked Questions

What is the nature of the security patch released by Microsoft?
The security patch addresses vulnerabilities in on-premises SharePoint servers that are being actively exploited in attacks.
Are SharePoint Online users affected by these attacks?
No, SharePoint Online users within Microsoft 365 are not impacted by the ongoing attacks.
What should organizations do after applying the security updates?
Organizations must rotate SharePoint server ASP.NET machine keys and restart IIS on all SharePoint servers.
What is the deadline for federal agencies to apply the fixes?
Federal Civilian Executive Branch agencies must apply the necessary fixes by July 21, 2025.
How can customers ensure their protection against these vulnerabilities?
Customers should apply the latest security updates provided by Microsoft immediately.
Tags: Microsoft security patch SharePoint vulnerabilities active attacks on SharePoint document-sharing software security urgent security updates Microsoft security updates news Microsoft SharePoint server issues SharePoint Online attacks FBI awareness of SharePoint vulnerabilities CISA vulnerabilities catalog

Related Posts

Who is Sanjay Kaul, the new MD and Group CEO of GIFT City?

Who is Sanjay Kaul, the new MD and Group CEO of GIFT City?

21/07/2025
How has the number of RRBs been reduced from 43 to 28?

How has the number of RRBs been reduced from 43 to 28?

21/07/2025
Did India’s Listed Startups Secure Over $5 Billion from Public Markets in FY25?

Did India’s Listed Startups Secure Over $5 Billion from Public Markets in FY25?

21/07/2025
Why Did Dodla Dairy’s Q1 Profit Fall by 3.4% to Rs 62.8 Crore?

Why Did Dodla Dairy’s Q1 Profit Fall by 3.4% to Rs 62.8 Crore?

21/07/2025

Follow Us

Popular Posts

Categories

Newsletter

Tags

Modi News IPL 2025 Sensex News Technology News Health News Sports News Rahul Gandhi News