
Microsoft has issued a serious warning about ongoing cyberattacks targeting its SharePoint server software, which is used by businesses and government agencies to share internal documents. The company urged customers to apply security updates right away to protect their systems from being compromised.
According to Microsoft, only the on-premises versions of SharePoint servers are affected. SharePoint Online, which is part of the Microsoft 365 cloud service, has not been impacted by these attacks. This distinction highlights the increased risk for organisations using older or locally hosted systems.
The FBI has confirmed it is aware of the situation and is working closely with federal and private-sector partners. However, the agency has not released further information on the source of the attacks or the extent of the damage.
The cyberattack, first reported by The Washington Post, has been described as a “zero-day” attack, meaning hackers used an unknown flaw to break into systems. Experts say tens of thousands of servers may be vulnerable worldwide.
Microsoft explained that the flaw allows attackers to conduct spoofing attacks—where hackers disguise themselves as trusted users or websites to gain access or manipulate systems. This technique can be especially dangerous in financial or government environments.
To address the issue, Microsoft released a security patch for SharePoint Subscription Edition and is working on updates for the 2016 and 2019 versions. Until patches are available, users unable to apply protections are advised to disconnect affected servers from the internet.