Update 7/20/25: It’s confirmed that there are two zero-days exploited, and Microsoft has released a security update for SharePoint Subscription Edition.
Recent vulnerabilities in Microsoft SharePoint, labeled CVE-2025-53770 and CVE-2025-53771, have raised serious concerns. These flaws have been exploited since at least July 18th, compromising at least 85 servers worldwide, with no immediate patch available.
Previously, in May, researchers from Viettel Cyber Security showcased how they combined two existing flaws in SharePoint during an event. This exploit, called “ToolShell,” allowed hackers to execute harmful code remotely. Although Microsoft addressed these flaws in their July security updates, new methods have surfaced that let attackers bypass those fixes.
Microsoft emphasized that only on-premises SharePoint Servers are affected. SharePoint Online remains secure. They have rolled out the KB5002768 update to mitigate these vulnerabilities in the SharePoint Subscription Edition. Updates for older versions like SharePoint 2016 and 2019 are still being developed.
To further enhance security, Microsoft recommended several measures. If updates can’t be applied immediately, they suggest using the Antimalware Scan Interface (AMSI) integration to scan potentially harmful content in real-time. This feature helps detect malicious scripts before they can inflict damage.
For administrators unable to implement AMSI, the safest route is to disconnect affected SharePoint servers from the internet until an update is available. They should also rotate the ASP.NET machine keys to prevent further exploitation of compromised services.
Experts highlight that these vulnerabilities have led to unauthorized access and significant data breaches. A report from Eye Security noted that over 54 organizations, including government agencies and private companies, have faced such attacks. The speed and adaptability of attackers to exploit new vulnerabilities after patches raise alarm bells in the cybersecurity community.
Chris Butera from the Cybersecurity and Infrastructure Security Agency (CISA) stated that they are actively monitoring the situation, urging organizations to implement immediate protective measures. CISA has even added CVE-2025-53770 to their Known Exploited Vulnerability catalog, showcasing the urgency in addressing these issues for federal agencies.
To detect potential breaches, admins should check for specific files associated with the vulnerabilities and review their IIS logs for unusual activities. These steps can help organizations quickly respond to any signs of compromise.
As a response to these vulnerabilities, cybersecurity experts recommend comprehensive training for SharePoint administrators on best security practices. Keeping software updated, implementing multi-factor authentication, and regularly reviewing security protocols can significantly bolster defenses against future attacks.
The evolving nature of cyber threats makes it essential for organizations to remain vigilant. With the constant development of sophisticated attack techniques, staying informed and prepared is more crucial than ever.
Learn more about cybersecurity measures and updates.
Related Posts
Opportunity to buy OnePlus 12 with up to 16GB RAM, gaming features at a bumper discount! Know the full deal here
Meituan Launches Affordable Keeta Food Delivery in Brazil: A Game-Changing Deal Under $1 Billion!
Is Your Brain Fog a Warning Sign? Discover the Hidden Causes You Shouldn’t Ignore!
Jazz Rookie Ace Bailey Shines in Summer League Debut: Game Highlights and Performance Analysis
Everything You Need to Know About the Galaxy Watch 8: Leaked Specs, Included Bands, and Price Increases!
Norris Triumphs Over Piastri for Thrilling Austrian GP Victory!
Shocking Study Uncovers the Worst Foods Destroying Your Gut Health—Find Out What to Avoid!
Former Reality TV Star Jessie Holmes Shatters Records with Historic Win at Iditarod Trail Sled Dog Race!
Exciting Merger Alert: Charter and Cox Communications Join Forces for a Stronger Future!
Delhi University’s One-Year Postgraduate Program Set to Launch in 2026 Amid Controversy – Newz9
Confronting the Climate Crisis: How We Can Change Course Before It’s Too Late | MR Online
Unleashing Speed: A Thrilling Review of ‘F1’ – The Ultimate Formula One Spectacle
South Africa’s G20 Presidency: Advocating for Bold Global Climate Action, Says Minister
4 Key Ways NOAA Budget Cuts Will Undermine the Reliability of Weather Forecasts
Man orders girlfriend from Swiggy, company’s reply is going viral, you won’t stop laughing after seeing it
Judge Appoints New Leadership to Tackle Crisis at Rikers Island Jail
USWNT vs. Australia: Key Starting XI Insights and Lineup Highlights You Need to Know
How Vesuvius Ash Turned a Man’s Brain to Glass: Unveiling the Surprising Impact of Volcanic Eruptions
Trump Promises Future Tariff Reductions on China: What It Means for You
Unveiling China’s Latest Discovery: A Colossal New Sauropod Dinosaur Species Revealed!
