<p>Microsoft over the weekend acknowledged active attacks targeting on-premises SharePoint servers, potentially affecting thousands of businesses and government agencies.</p>
<div class=”ad-wrapper ad-embedded”>
<div id=”halfpage” class=”ad ad-hp”>
<script>GPT.display(‘halfpage’)</script>
</div>
<div id=”mu-1″ class=”ad ad-mu”>
<script>GPT.display(‘mu-1’)</script>
</div>
</div>
<p>Security research firm Eye Security first <a href=”https://research.eye.security/sharepoint-under-siege/”>reported</a> the exploit Friday night, saying it found dozens of systems across more than 8,000 SharePoint servers actively compromised during two waves of attacks on Friday and Saturday.</p>
<p>Microsoft on Saturday released <a href=”https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/”>fixes</a> for the zero-day attacks targeting SharePoint 2019. But as of Monday morning, risks to SharePoint 2016 were still active. The company said <a href=”https://x.com/msftsecresponse/status/1947115278644473939″>on X</a> that it is working on a patch.</p>
<p>Chris Butera, acting executive assistant director for the cybersecurity division at CISA, said the government is working with Microsoft to quickly address the attacks. “Microsoft is responding quickly, and we are working with the company to help notify potentially impacted entities about recommended mitigations,” he said in a statement.</p>
<p>A March post from <a href=”https://cloudwell.io/if-your-collaboration-is-in-the-cloud-why-is-your-sharepoint-still-stuck-on-prem/#:~:text=If%20you%27re%20still%20running,a%20much%2Dimproved%20collaboration%20experience.”>Cloudwell</a> claims about 40% of organizations in the U.S. run SharePoint on-premises. While Microsoft has pushed users to adopt its cloud SharePoint products, many customers, including government agencies, <a href=”https://www.techtarget.com/searchcontentmanagement/news/252437886/SharePoint-2019-keeps-government-on-prem-fires-burning-for-now?utm_source=chatgpt.com”>still use on-premises SharePoint servers</a> because of cost and security concerns.</p>
<p>That leaves many thousands of organizations and millions of users globally at risk for this latest attack.</p>
<p>”What makes this especially concerning
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: