Microsoft Releases Urgent Patch to Counter Server Attacks: What To Know
Newsweek AI is in beta. Translations may contain inaccuracies—please refer to the original content.
Microsoft has released an emergency security update to address a critical vulnerability in its on-premises SharePoint Server software, following a wave of cyberattacks over the weekend.
The attacks, discovered over the weekend, exploit a previously unknown vulnerability in the document-sharing software, prompting immediate action from both Microsoft and federal investigators.
Newsweek reached out to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) via email for comment.
Why It Matters
This high-impact breach highlights persistent risks for organizations relying on on-premises SharePoint servers for collaboration and internal document management. Attackers have reportedly bypassed advanced security measures, such as multi-factor authentication (MFA) and single sign-on, gaining privileged access to sensitive U.S. government, educational, health care, and corporate systems.
What To Know
On Sunday, Microsoft released a series of security patches to address the breach, saying that it was "aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update."
In a statement on social media, the tech giant said that "Microsoft has released a security update for SharePoint Subscription Edition to mitigate active attacks targeting on-premises servers. SharePoint Online is not affected. Customers should apply the update immediately. We are actively working on updates for SharePoint 2016 and 2019."
A Microsoft office in New York City as seen on June 24, 2025.
A Microsoft office in New York City as seen on June 24, 2025.
Getty Images
The vulnerability CVE-2025-53770 enables attackers to execute code and bypass traditional defenses remotely. Microsoft's cloud-based SharePoint Online service remains unaffected by these exploits.
Eye Security, a Dutch cybersecurity firm, uncovered the initial compromises after scanning over 8,000 SharePoint servers worldwide, identifying at least 54 organizations, including U.S. federal agencies, banks, and universities, that were breached.
The FBI told Newsweek on Sunday that it is aware of the incidents and is working with federal and private-sector partners to address the threat.
Who People Are Saying
Michael Sikorski, CTO and head of Threat Intelligence for Unit 42 at Palo Alto Networks, told Newsweek: "If you have SharePoint on-prem exposed to the internet, you should assume that you have been compromised at this point. This is a high-severity, high-urgency threat.
"We are urging organizations who are running on-prem SharePoint to take action immediately and apply all relevant patches now and as they become available, rotate all cryptographic material, and engage professional incident response."
The Cybersecurity and Infrastructure Security Agency said on Sunday: "CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-2025-53770, is a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations.
"This exploitation activity, publicly reported as "ToolShell," provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network."
What Happens Next
Microsoft is continuing to develop patches for the legacy SharePoint 2016 version, and has advised users to disconnect affected servers from the internet if immediate updates are not available or feasible.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
20 minutes ago
- Yahoo
1 Super Artificial Intelligence (AI) Stock Billionaire Bill Gates Has 25% of His Foundation's Portfolio Invested In
Key Points The Gates Foundation holds a substantial number of Microsoft shares. Microsoft has become a top player in offering artificial intelligence models. However, the stock is starting to appear somewhat pricey compared to its peers. 10 stocks we like better than Microsoft › Bill Gates is a well-known entrepreneur, having co-founded Microsoft (NASDAQ: MSFT) in the mid-1970s. This made him a fortune, and he constantly ranks among the richest people in the world. He established the Gates Foundation Trust, one of the world's most well-funded foundations. By examining its holdings, investors can gain insight into what one of the world's brightest minds considers top stock picks, and they've identified an AI stock that has been a stellar performer in recent years. In fact, the stock has more than doubled since the start of 2023 alone. What is this stock? It's none other than Microsoft. Microsoft is the foundation's top holding This really shouldn't come as a surprise to anyone. Bill Gates runs the fund, so he will fill it with a company that he thinks will succeed. Most of this stock was donated from Gates' wealth; however, if the foundation didn't think Microsoft was set to succeed, they would have sold it a long time ago and moved on to something else. About 25% of the foundation's worth is tied up in Microsoft stock, valued at around $10.7 billion. That's a concentrated bet for a charitable foundation, but it has worked out well with Microsoft's recent success. Microsoft has emerged as a top AI pick due to its role as a facilitator in the space. It isn't developing its own generative AI model; instead, it's offering many of the leading ones on its cloud computing platform, Azure. Developers can choose from OpenAI's ChatGPT, a leading option, Meta Platforms' Llama, DeepSeek's R1 (a more affordable alternative from China), or xAI's Grok, a company founded by Elon Musk. By offering a wide range of generative AI models, Microsoft isn't locking its clients into a single provider. This has made Azure a top choice for building AI models on, which is why it has outgrown its peers in recent quarters. We'll get an update on how the other cloud computing providers -- namely Alphabet's Google Cloud and Amazon's Amazon Web Services (AWS) -- in the next few weeks, but I'd be shocked if Azure isn't growing quicker than they are. Azure has become a top platform for building AI applications, but has it done enough to make Microsoft a top buy now? Microsoft's stock is starting to look a bit pricey for its growth If Microsoft derived all of its revenue from Azure, I'd be a buyer at nearly any price. However, Microsoft has other product lines that aren't growing as quickly, which slows the company's overall growth pace. In its latest period -- the third quarter of fiscal 2025 -- overall revenue rose to $70.1 billion at a 13% pace. While Microsoft doesn't break out the revenue generated by Azure, we know from prior information that it accounts for over half of the Intelligent Cloud division, which brought in $26.8 billion during Q3 (ending March 31). They do provide Azure's growth rate, which was Microsoft's top-performing division in Q3, rising 33% year over year. Microsoft's diluted earnings per share also rose an impressive 18%, but is that fast enough to justify its valuation? Microsoft trades at nearly 40 times trailing earnings, which is a very expensive price tag and exceeds its recent highs reached during the AI arms race period. Wall Street analysts project $15.14 in earnings per share for fiscal 2026 (ending June 30, 2026), which indicates the stock trades at 33.7 times forward earnings. That's still a high valuation, and investors need to start being a bit cautious when stocks reach that level, especially when they're growing at Microsoft's pace. Yes, Microsoft is growing faster than the market, but it's not growing as fast as some of its peers. Take Meta Platforms, for example. It trades at 28 times trailing earnings and grew revenue at a 16% pace during its last quarter with 36% earnings-per-share growth. That's a cheaper stock growing faster, which should cause Microsoft investors to question whether it's the best big tech stock to be in right now. Numerous other big tech stocks have better growth numbers and cheaper valuations than Microsoft. Although it's a dominant company, it's starting to look a bit expensive compared to its peers. Should you buy stock in Microsoft right now? Before you buy stock in Microsoft, consider this: The Motley Fool Stock Advisor analyst team just identified what they believe are the for investors to buy now… and Microsoft wasn't one of them. The 10 stocks that made the cut could produce monster returns in the coming years. Consider when Netflix made this list on December 17, 2004... if you invested $1,000 at the time of our recommendation, you'd have $636,628!* Or when Nvidia made this list on April 15, 2005... if you invested $1,000 at the time of our recommendation, you'd have $1,063,471!* Now, it's worth noting Stock Advisor's total average return is 1,041% — a market-crushing outperformance compared to 183% for the S&P 500. Don't miss out on the latest top 10 list, available when you join Stock Advisor. See the 10 stocks » *Stock Advisor returns as of July 21, 2025 Keithen Drury has positions in Alphabet, Amazon, and Meta Platforms. The Motley Fool has positions in and recommends Alphabet, Amazon, Meta Platforms, and Microsoft. The Motley Fool recommends the following options: long January 2026 $395 calls on Microsoft and short January 2026 $405 calls on Microsoft. The Motley Fool has a disclosure policy. 1 Super Artificial Intelligence (AI) Stock Billionaire Bill Gates Has 25% of His Foundation's Portfolio Invested In was originally published by The Motley Fool Sign in to access your portfolio
Yahoo
an hour ago
- Yahoo
Global Gains, Local Taxes: China Tightens Rules on Overseas Stock Profits
Mainland Chinese investors riding the U.S. bull marketfrom Tesla (NASDAQ:TSLA) to Microsoft (NASDAQ:MSFT)are getting unexpected phone calls. Local tax authorities have started enforcing a long-ignored rule: a 20% levy on global capital gains and dividends. If you've spent more than 183 days a year in China, you're a tax residentand now, you're on the hook. The rule isn't new. But for years, Beijing looked the other way. That's changing fast. Warning! GuruFocus has detected 7 Warning Signs with TSN. What's triggered the clampdown? For starters, China needs cash. The central government raised its 2024 budget deficit to the highest in over three decades. Meanwhile, U.S. markets have soaredup over 60% since early 2022making now a tempting time to reel in offshore profits. China has had access to overseas bank data since it joined the OECD's Common Reporting Standard in 2018. In Hong Kong, banks routinely report account details for clients flagged as Chinese tax residents. Until recently, that information sat quietly. Now, it's being put to work. But not all investors are affected equally. Those trading Hong Kong stocks via the Stock Connect program remain exempt from capital gains taxat least through 2027. Domestic trades are still tax-free too. That policy protects China's capital markets, even as the net tightens around overseas profits. For investors caught off guard, the sting is real. Unlike in the U.S., they can't offset past losses to reduce the bill. The message from Beijing is subtle but serious: if you've made money abroad, now's the time to settle up. This article first appeared on GuruFocus. Inicia sesión para acceder a tu portafolio
CNN
4 hours ago
- CNN
On GPS: Bill Gates on navigating the future of AI
This week, the White House announced its plan to make America the world leader in artificial intelligence — largely by scaling back regulations. Fareed sits down with Microsoft cofounder and philanthropist Bill Gates to talk about how he sees the present and future of AI.
