Microsoft alerts businesses, governments to server software attack

Microsoft has raised an alarm regarding ongoing cyberattacks targeting server applications utilized by both governmental organizations and private enterprises for internal document sharing. The technology giant has urged users to promptly implement the critical security patches it has provided. On Sunday, the FBI confirmed its awareness of these attacks and is working alongside both federal and private sector partners, although further details remain undisclosed. In a Saturday alert, Microsoft specified that the vulnerabilities are limited to on-premises SharePoint servers that organizations use internally. Importantly, the cloud-based version of SharePoint, part of Microsoft 365, is not impacted by these attacks. According to an initial report by The Washington Post, unidentified attackers have exploited a software flaw to launch these assaults against agencies and businesses in the United States and around the world. Experts described the incident as a 'zero-day' attack because it targets a vulnerability that had not been previously recognized, potentially endangering tens of thousands of servers. When queried for comments, Microsoft did not respond immediately. However, in their alert, the company detailed how the vulnerability could permit an authorized attacker to perform spoofing over a network. Spoofing attacks allow malicious actors to disguise their identity, posing as trusted individuals, organizations, or websites to mislead financial markets or government agencies. In response to the situation, Microsoft announced it has released a security patch for the SharePoint Subscription Edition and strongly urged customers to install it without delay. The company is also working on security updates for the 2016 and 2019 versions of SharePoint. Until these updates are rolled out, Microsoft advises customers who cannot implement the recommended malware protections to take their servers offline to reduce exposure to potential threats.