Unit 42 has identified serious threats against on-premises Microsoft SharePoint servers, particularly affecting sectors like government, education, and healthcare. While SharePoint Online currently seems safe, many organizations using older versions need to act quickly.
Recently reported vulnerabilities, including CVE-2025-49704 and CVE-2025-49706, allow attackers to execute unrestricted commands on compromised systems. These weaknesses are particularly alarming because of SharePoint’s integration with Microsoft services like Office and Teams, posing risks to the entire network.
According to Microsoft, these vulnerabilities apply to SharePoint Enterprise Server 2016 and 2019, as well as the Subscription Edition. Exploits have already been observed, with attackers bypassing multi-factor authentication and gaining access to sensitive data.
This situation is evolving, prompting strong recommendations for organizations using vulnerable SharePoint versions:
- Apply all security patches immediately.
- Rotate cryptographic materials.
- Engage with cybersecurity professionals for a thorough assessment.
Palo Alto Networks urges continuous monitoring of updates from Microsoft, as the vulnerabilities are under active exploitation. They encourage organizations to assume compromise if they have public-facing SharePoint servers and to take swift action to secure their environments.
Experts note the urgency: Miguel Aguirre, a cybersecurity analyst, stated, “With the frequency of these vulnerabilities being discovered, organizations must prioritize patch management and regular security assessments.” Recent surveys reveal that up to 55% of companies are at risk due to outdated software.
To support organizations, tools like Cortex XDR can block known exploits related to these vulnerabilities and help identify exposed devices in public networks.
In summary, if you manage servers with SharePoint, it’s critical to take these threats seriously. Regular updates, a strong security posture, and quick response to potential breaches are vital to safeguarding your operations.
Related Posts
Discover the Charm: A Delightful Review of Radio Rosewood’s Cozy Ambience and Unique Truck-Free Dining Experience
War broke out over garbage in Delhi, Owaisi got angry at AAP, said – deliberately littering in Muslim areas…
Will the Franchise Tag Become Obsolete by 2025? Exploring the Future of NFL Contracts
Discover India’s First Engine-Less High-Speed Train: Luxurious Travel Experience Beyond Shatabdi and Rajdhani Express!
Ha Long Climate 2025: Join the Global Movement for Environmental Action Now!
Urgent Alert: Millions Affected as Episource Confirms Major Health Data Breach
Beware: Misleading Email from Social Security Administration Hails Trump’s Tax Cuts – What You Need to Know!
Unlocking Superman’s Secrets: Exclusive Insights from the James Gunn Spoiler Interview!
Discovering Space Planes: What They Are and How They Revolutionize Space Travel
Why Forests are Essential for Climate Resilience: Insights from the Environment Minister | EnviroNews on Climate Change & Renewable Energy
Garrett Wilson Secures 4-Year, $130 Million Contract Extension with Jets: What It Means for the Team
Why Utah State’s President Departed in Less Than 2 Years: Uncovering the Trends Behind Short Tenures of University Leaders
North Carolina Supreme Court Upholds Election Integrity: Most Challenged Ballots to Be Counted
Discovering the Allure of Darkness: A Journey Through the Mystical Isle of Rum
Senators Padilla and Cassidy Unite to Expand Access to Digital Health Services and Modernize the Healthcare System
Inside the Flight: Uncovering the Stories of Deportees on the Journey from the U.S. to South Sudan
Did Halsey secretly marry Avan Jogia? Singer’s year-end video sparks wedding speculation. – Newz9
Discover India’s Thriving MMF & Technical Textiles Market: Insights from Bhadresh Dodhia, Chairman of MATEXIL at Bharat Tex 2025
Why Vivek Ramaswamy is Parting Ways with DOGE Just as It Gains Momentum
Clarkson Dominates Game 1 of ECAC Quarterfinals Against Harvard: Key Moments and Highlights
