Microsoft has issued an urgent alert to government agencies and businesses regarding “active attacks” on its SharePoint server software, a widely used platform for internal document sharing and collaboration. The company disclosed that the attacks are exploiting a previously unknown vulnerability, making it a classic case of a “zero-day” exploit.
In a statement released over the weekend, Microsoft confirmed that the security flaw affects on-premises versions of SharePoint Server and not the cloud-based SharePoint Online in Microsoft 365. The vulnerability enables an authorized attacker to carry out spoofing over a network, allowing them to impersonate trusted entities and potentially gain unauthorized access to sensitive systems and data.
“We’ve been coordinating closely with CISA, DOD Cyber Defense Command, and key cybersecurity partners globally throughout our response,” said a Microsoft spokesperson. The company has already issued security updates and is strongly urging all affected customers to apply the patches without delay.
The Washington Post first reported the incident, stating that unknown threat actors had exploited the flaw to launch attacks targeting U.S. and international government agencies and businesses. According to cybersecurity experts quoted by the newspaper, tens of thousands of servers could be at risk.
Spoofing attacks are particularly dangerous because they allow malicious actors to disguise themselves as legitimate users, organizations, or websites. Such attacks can lead to widespread data breaches, financial manipulation, and operational disruption, especially in government systems and critical infrastructure.
The FBI acknowledged the attacks and stated it is working with federal and private-sector partners but provided no further details. Microsoft, in the meantime, has urged organizations using SharePoint 2016 and 2019 versions to either apply the security updates immediately or disconnect their servers from the internet if unable to do so.
The alert is a stark reminder of the increasing complexity and frequency of cyber threats. Organizations are advised to remain vigilant, ensure regular patch management, and review cybersecurity protocols to reduce their exposure to zero-day attacks.