Microsoft SharePoint zero-day breach hits on-prem servers
Briefly

Microsoft warned of active cyberattacks exploiting a zero-day vulnerability in SharePoint Server, necessitating immediate action from federal agencies. The vulnerability allows attackers to execute code remotely without authentication. Security experts revealed fundamental flaws in vendor threat assessments, citing vulnerabilities that remained unaddressed despite specific patches being issued. The zero-day exploit raises concerns about the inadequacy of conventional patching schedules for collaboration infrastructure and underscores the need for broader security strategies against vulnerability chaining.
Microsoft is aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update. These vulnerabilities apply to on-premises SharePoint Servers only. SharePoint Online in Microsoft 365 is not impacted.
This zero-day vulnerability challenges the long-standing enterprise assumption that collaboration infrastructure can be patched on convenience cycles.
While Microsoft issued individual patches for CVE-2025-49706 and CVE-2025-49704, they failed to patch the exploit chain fully, leaving a variant (now CVE-2025-53770) unaddressed.
In cybersecurity, a single vulnerability can pose a significant risk, but when vulnerabilities are combined, the consequences can be catastrophic.
Read at CSO Online