Hackers exploit Microsoft SharePoint “zero day” vulnerability
A widespread security vulnerability in Microsoft’s ubiquitous SharePoint file hosting software gave hackers deep access for several days to the files of customers around the world, including US government agencies and state governments, businesses, and universities.
Last night, Microsoft issued one patch, but the full extent of the significant attack is not yet clear.
The US Cybersecurity and Infrastructure Security Agency (CISA) warned the public yesterday that the exploit “provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network.”
This is known as a “zero day” vulnerability, meaning the flaw existed in public code published by Microsoft, was unknown to the company at the time of discovery, and leaves all customers running the affected code potentially vulnerable to it.
The Washington Post reports that “tens of thousands” of SharePoint servers are at risk, and there aren’t any firm clues yet regarding the origin of the hacking attacks.
CISA, the US Homeland Security division tasked with coordinating responses to cyberattacks on critical infrastructure, has been the subject of deep cuts from Elon Musk’s DOGE and President Trump’s massive tax bill. The Post notes that CISA incident response teams have been cut by 65%, which appears to have slowed CISA’s response to the threat.