Microsoft issues urgent alert over cyberattack targeting server software

Microsoft has issued a critical security warning to businesses and government agencies about active cyberattacks exploiting a vulnerability in on-premises SharePoint servers, urging immediate application of security updates to prevent breaches. SharePoint Online in Microsoft 365 is not affected.

The FBI confirmed its awareness of the attacks and stated it is working with other federal and private partners, though no further details were provided.

According to The Washington Post, the attack was carried out by unidentified hackers exploiting a previously unknown “zero-day” vulnerability, allowing infiltration of servers in the U.S. and internationally. Experts warned that tens of thousands of servers are potentially at risk.

Microsoft said the flaw could allow authenticated attackers to conduct network spoofing, creating major security risks. The vulnerability also has phishing implications, as attackers could impersonate trusted entities to manipulate users or systems, leading to financial or data theft.

To counter the threat, Microsoft has released a security update and announced that patches for SharePoint 2016 and 2019 are in progress. For organizations unable to apply the fix immediately, Microsoft advised disconnecting servers from the internet as a precaution.

While Microsoft has not provided further public comment, the advisory stresses the urgency of the threat and the risk of widespread disruption if unaddressed. The attack highlights the ongoing rise in sophisticated cyber threats targeting critical IT infrastructure and the importance of timely security updates and strong cybersecurity practices.