The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urges administrators to patch three SharePoint Server vulnerabilities that attackers are actively exploiting against Internet-exposed, on-premises SharePoint instances. Multiple outlets report that the guidance covers three flaws currently under active attack and emphasizes that two additional critical issues could further increase risk if they are not addressed. CISA’s notification indicates that the exploited vulnerabilities are being used to compromise vulnerable systems, prompting immediate remediation steps for affected environments. The reporting also describes two of the involved vulnerabilities as having been targeted as zero-days, underscoring that exploitation is ongoing and that the known issue timelines may be short. Taken together, the coverage highlights the need for organizations hosting on-premises SharePoint Server to apply available patches and mitigations promptly, especially where systems are reachable from the public internet.
CISA warns of active exploitation of three SharePoint Server vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urges administrators to patch three SharePoint Server vulnerabilities that attackers are actively exploiting against Internet-exposed,...
- CISA warns attackers are actively exploiting three vulnerabilities in on-premises SharePoint Server.
- The targeted systems are Internet-exposed SharePoint Server instances.
- Two of the covered vulnerabilities are reported as being exploited as zero-days.
- CISA urges administrators to patch immediately and apply mitigation steps.
- Organizations with publicly reachable on-premises SharePoint deployments are advised to remediate promptly.
Three bugs are under active attack, and two more critical holes could add to the pain
1 hour agoThree vulnerabilities are actively exploited in attacks, including two that have been targeted as zero-days. The post CISA Urges Immediate Patching of Exploited SharePoint Vulnerabilities appeared first on SecurityWeek.
2 hours agoThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that attackers are actively exploiting three vulnerabilities to hack Internet-exposed on-premises SharePoint Server instances. [...]
7 hours agoU.S. Expands UAE Access to High-End AI Chips After UAE Support Against Iran
The United States is easing rules to allow the United Arab Emirates broader access to high-end artificial intelligence c...
Files linked to Kudankulam nuclear plant disclosed after alleged partial breach
Multiple outlets report that a ransomware-linked group known as “World Leaks” has posted a cache of files it claims are...
OnePlus reportedly exits US and Europe as Oppo restructures operations
Multiple reports, citing Bloomberg and other sources, say OnePlus is preparing to withdraw from the U.S. and European sm...