Microsoft has issued a critical alert regarding active attacks targeting on-premises SharePoint Server software. These attacks exploit a newly discovered "zero-day" vulnerability, meaning it was previously unknown to Microsoft and the public.
Impacted software: The vulnerability affects SharePoint Servers used by organizations to share documents internally.
Not affected: SharePoint Online in Microsoft 365 (cloud-based) is not impacted by these attacks.
The threat: This "spoofing" vulnerability could allow an unauthorized attacker to impersonate a trusted identity on your network.
Who is affected: Government agencies and businesses globally have been targeted.
Coordination: Microsoft is closely coordinating with agencies like CISA and the DOD Cyber Defense Command in their response.
Microsoft is urging customers to apply security updates immediately.
Apply security updates: If you are running an on-premise SharePoint Server, it is crucial to install the latest security updates as soon as possible.
Disconnect from internet (if updates not possible): For those unable to apply the recommended updates, Microsoft advises disconnecting your SharePoint servers from the internet until a security update can be installed.
Older versions: Microsoft is also working on updates for SharePoint 2016 and 2019 versions.
We understand the urgency of this situation and recommend that all affected customers prioritize these security measures. If you have any questions or require assistance, please contact Team Venti support at support@teamventi.com.