Microsoft has reported a critical zero-day vulnerability in SharePoint Server, identified as CVE-2025-53770. This vulnerability permits attackers to execute code remotely on affected, on-premises SharePoint installations. Emergency patches were released on July 20 for SharePoint Server 2019 and the Subscription Edition, with ongoing development for SharePoint Server 2016. Attackers have been exploiting this vulnerability since July 18, using methods that bypass previously implemented security measures. Microsoft recommends immediate patch application and additional security measures, including enabling AMSI and rotating ASP.NET machine keys to prevent further attacks.
Microsoft has issued an urgent warning about a critical zero-day vulnerability in SharePoint Server, registered as CVE-2025-53770, allowing remote code execution.
Emergency patches for SharePoint Server 2019 and Subscription Edition were made available on July 20, with a patch for SharePoint Server 2016 anticipated soon.
Attackers have been exploiting this vulnerability since July 18, utilizing new methods to bypass security measures previously implemented in July.
To enhance security, Microsoft advises enabling AMSI and installing Defender Antivirus on all SharePoint servers, and to rotate ASP.NET machine keys after updates.
Collection
[
|
...
]