Microsoft Releases Urgent Patch to Counter Server Attacks: What To Know
Newsweek AI is in beta. Translations may contain inaccuracies—please refer to the original content.
Microsoft has released an emergency security update to address a critical vulnerability in its on-premises SharePoint Server software, following a wave of cyberattacks over the weekend.
The attacks, discovered over the weekend, exploit a previously unknown vulnerability in the document-sharing software, prompting immediate action from both Microsoft and federal investigators.
Newsweek reached out to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) via email for comment.
Why It Matters
This high-impact breach highlights persistent risks for organizations relying on on-premises SharePoint servers for collaboration and internal document management. Attackers have reportedly bypassed advanced security measures, such as multi-factor authentication (MFA) and single sign-on, gaining privileged access to sensitive U.S. government, educational, health care, and corporate systems.
What To Know
On Sunday, Microsoft released a series of security patches to address the breach, saying that it was "aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update."
In a statement on social media, the tech giant said that "Microsoft has released a security update for SharePoint Subscription Edition to mitigate active attacks targeting on-premises servers. SharePoint Online is not affected. Customers should apply the update immediately. We are actively working on updates for SharePoint 2016 and 2019."
A Microsoft office in New York City as seen on June 24, 2025.
A Microsoft office in New York City as seen on June 24, 2025.
Getty Images
The vulnerability CVE-2025-53770 enables attackers to execute code and bypass traditional defenses remotely. Microsoft's cloud-based SharePoint Online service remains unaffected by these exploits.
Eye Security, a Dutch cybersecurity firm, uncovered the initial compromises after scanning over 8,000 SharePoint servers worldwide, identifying at least 54 organizations, including U.S. federal agencies, banks, and universities, that were breached.
The FBI told Newsweek on Sunday that it is aware of the incidents and is working with federal and private-sector partners to address the threat.
Who People Are Saying
Michael Sikorski, CTO and head of Threat Intelligence for Unit 42 at Palo Alto Networks, told Newsweek: "If you have SharePoint on-prem exposed to the internet, you should assume that you have been compromised at this point. This is a high-severity, high-urgency threat.
"We are urging organizations who are running on-prem SharePoint to take action immediately and apply all relevant patches now and as they become available, rotate all cryptographic material, and engage professional incident response."
The Cybersecurity and Infrastructure Security Agency said on Sunday: "CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized access to on-premise SharePoint servers. While the scope and impact continue to be assessed, the new Common Vulnerabilities and Exposures (CVE), CVE-2025-53770, is a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations.
"This exploitation activity, publicly reported as "ToolShell," provides unauthenticated access to systems and enables malicious actors to fully access SharePoint content, including file systems and internal configurations, and execute code over the network."
What Happens Next
Microsoft is continuing to develop patches for the legacy SharePoint 2016 version, and has advised users to disconnect affected servers from the internet if immediate updates are not available or feasible.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Forbes
26 minutes ago
- Forbes
Microsoft Just Released A Major Android App Upgrade For Windows 11 PCs
Microsoft announced on July 24 how you can use your Android phone to interact with your Windows 11 PC. 'We've reimagined the Link to Windows app as a connected PC experience hub — a central place where you can access, share, and control content between your Android phone and Windows PC,' Microsoft said in a blog post. Link to Windows has just had an upgrade. Imagine this: you've just stepped away from your desk: that confidential presentation you're working on has been hard and you need a breather. Standing by the coffee machine, you realize your PC display is still on and, as mentioned, that stuff on your screen is secret. Don't panic: the Android app, Link To Windows has just been upgraded so you can lock the PC from your phone with one touch. This is a serious upgrade: already you could set your PC so it would lock if you went more than a certain distance from it, judged by the location of your phone. But this enhancement means you can do it manually — handy if you're still within the geofencing range but just too far to lock the screen instantly without breaking into a run. The new app also has an updated design and allows you to check things like your PC's battery life and current Wi-Fi status from your Android phone's display. What Microsoft calls the onboarding experience has also been improved, so you can set it up directly on your Android phone without the involvement of a PC. You can also send files to your PC from within the app and mirror your phone screen on your PC's display. Just as usefully, you can access the most recent files received on your PC, and clipboard items, which is useful if you're waiting for something specific before you drag yourself back to the office. Microsoft stresses that this new experience is rolling out, so you may not see it straight away. To access it you need the latest Windows Insider Preview build on your PC and Phone Link version of 1.25062.83.0 or higher. On Android, you need Link to Windows app, version 1.25071.155 or higher.
Fox News
an hour ago
- Fox News
What happens when Windows 10 support ends in 2025?
Windows 11 has had poor adoption, with many people sticking to the good old Windows 10. Microsoft has been pushing users to upgrade, threatening to end software support and warning about potential cybersecurity risks. But Windows 11 isn't exactly the best OS to come out of Redmond. Even if it were, many people simply can't upgrade because of its steep system requirements. In fact, it took Windows 11 nearly four years after its 2021 debut to finally surpass its predecessor in user numbers. Now that Windows 10 is being phased out, many users, especially those with older PCs that don't meet the hardware requirements, are understandably concerned. Tony from Wisconsin recently asked us the same thing: "I heard that Microsoft will stop providing security patches for Windows 10 after October. My laptop can't be upgraded to Windows 11 because the CPU is too old. Since I'm not tech-savvy and don't feel comfortable replacing the CPU (nor do I want to), I'm wondering if I have a good antivirus program, do I still need to upgrade? Or will my system still be vulnerable to hackers and viruses?" I understand your concern, Tony. Sticking with an unsupported OS brings security risks. Security researchers warn that unsupported systems, such as Windows 10, will become increasingly attractive targets for hackers. Hackers often reverse-engineer patches released for newer systems like Windows 11 to find similar flaws in older ones like Windows 10. With no more fixes coming, those vulnerabilities remain wide open, making unsupported systems a tempting target. However, you are not without options, and you have a defense. Let's walk through what you can do if your PC is still running Windows 10. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my According to Statcounter, Windows 11 has finally overtaken Windows 10 in terms of desktop and laptop usage as of early July. The newer OS now accounts for 52 percent of all Windows installations, up sharply from just under 48 percent in June. In the same period, Windows 10 dropped from 53.2 percent to 44.6 percent. Interestingly, Windows 7 still holds a small but notable presence, with 2.35 percent of users refusing to let it go. This shift comes nearly four years after Microsoft announced Windows 11 in June 2021. From the start, it was criticized for strict hardware rules. It required a TPM 2.0 chip and newer processors. Many functional PCs were left unable to upgrade. The operating system also introduced a revamped user interface that some users found unnecessary or confusing, leading to a slow adoption rate. Windows 10 is reaching the end of its official support on October 14, 2025. That means Microsoft will stop releasing new features and routine security updates for the general public. For most users, this marks the end of the road, unless they take specific steps to keep receiving updates. To extend security updates beyond this deadline, Microsoft is offering a program called Extended Security Updates (ESU). Normally, this would cost $30 per year for personal users. However, Microsoft is making the first year free if you back up your PC using the Windows Backup app and sync your settings to OneDrive, or if you redeem 1,000 Microsoft Rewards points. Microsoft hasn't disclosed pricing beyond the first year, so it's unclear whether the $30/year rate will remain the same in 2026 and 2027. If you don't opt into either of those methods, you'll need to pay the $30 to continue receiving critical patches through October 2026. This is especially relevant for those who can't upgrade to Windows 11 due to hardware limitations. Even after general support ends, Microsoft will keep updating Microsoft Defender Antivirus on Windows 10 until October 2028. So while full system security updates will stop for most, basic malware protection will continue for a few more years. You can continue using Windows 10 until October 14, 2025, with full access to regular security and stability updates. After that, you can extend protection by enrolling in Microsoft's Extended Security Updates program. The first year is free if you use the Windows Backup app to sync your settings to OneDrive, or if you redeem 1,000 Microsoft Rewards points. If your computer meets the hardware requirements for Windows 11, upgrading is the easiest long-term solution. You'll get access to ongoing feature updates, improved security, and long-term support through at least 2031. Google offers a free operating system called ChromeOS Flex, designed for older PCs and laptops. It's based on the same system used in Chromebooks and focuses on speed, simplicity, and security. However, it doesn't support Android apps or some hardware features like fingerprint readers and may not work for tasks like video editing or gaming.. This can be a great option if you mostly use web apps like Gmail, Google Docs, or Zoom. Linux distributions like Ubuntu, Linux Mint, or Zorin OS provide a stable and user-friendly experience, especially for those coming from Windows. You can use them on older hardware without any licensing fees, and they come with access to thousands of free applications. While there may be a bit of a learning curve, many users find Linux reliable and surprisingly easy to adapt to for everyday tasks like browsing, writing, and media playback. If your current system can't handle Windows 11 and you are not interested in alternatives like ChromeOS or Linux, investing in a new computer may be the most straightforward path. New devices come with Windows 11 pre-installed and are built to support it fully. This ensures you'll continue to receive updates, features, and support for several years without additional effort. Check out our top picks for the best desktop computers for 2025 at and also our top picks for best laptops at Learn how to securely get rid of your old PC or Mac by clicking If you decide to stick with Windows 10 beyond its official support period, having strong third-party antivirus protection becomes even more important. While Microsoft Defender will continue receiving updates until 2028, it may not be enough on its own once the system stops getting core security patches. Installing a reputable antivirus program can help protect your device from malware, phishing, and other threats. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Before making any big changes, be sure to back up your important files. You can use cloud services like OneDrive or Google Drive, or plug in an external hard drive. If you mainly use your computer for email, browsing, or video calls, a tablet or Chromebook might be all you need. They're low-maintenance, secure, and often more affordable than a new Windows laptop. Check out our top picks for the best tablets of 2025 at The end of Windows 10 support isn't a crisis, but it does require action. You should start planning your next move now. Consider upgrading to a newer version of Windows. You could also switch to a different operating system. Another option is investing in stronger security tools. And be on alert: as Windows 10's end-of-life nears, scammers will take advantage. Watch out for phone calls, emails, or pop-ups pretending to be from Microsoft offering "urgent upgrade help." Microsoft doesn't call users out of the blue—these are scams trying to steal your personal info or install malware. Whatever you choose, don't delay the decision. Make sure your PC stays protected and up to date. Key Windows 10 Dates to Know: Will you pay for Extended Security Updates or use the free options Microsoft is offering? Let us know by writing us at Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my Copyright 2025 All rights reserved.
Yahoo
an hour ago
- Yahoo
TransUnion (TRU) Stock Is Up, What You Need To Know
What Happened? Shares of credit reporting company TransUnion (NYSE:TRU) jumped 3.5% in the afternoon session after the company reported strong second-quarter earnings that surpassed expectations and raised its full-year guidance. The credit reporting company announced second-quarter revenue of $1.14 billion, a 10% increase from the prior year, and adjusted earnings of $1.08 per share. These results surpassed Wall Street's expectations. The strong performance was reportedly driven by its U.S. Financial Services segment. Adding to the positive news, TransUnion raised its full-year 2025 forecast. The company now expected adjusted earnings per share in a range of $4.03 to $4.14, with organic revenue growth between 6% and 7%. This report marked the seventh consecutive quarter that the company had exceeded its own financial guidance, signaling consistent operational strength. After the initial pop the shares cooled down to $98.19, up 3.9% from previous close. Is now the time to buy TransUnion? Access our full analysis report here, it's free. What Is The Market Telling Us TransUnion's shares are somewhat volatile and have had 13 moves greater than 5% over the last year. In that context, today's move indicates the market considers this news meaningful but not something that would fundamentally change its perception of the business. The biggest move we wrote about over the last year was 2 months ago when the stock gained 6.6% on the news that the major indices popped (Nasdaq +3.4%, S&P 500 +2.5%) in response to the positive outcome of U.S.-China trade negotiations, as both sides agreed to pause some tariffs for 90 days, signaling a potential turning point in ongoing tensions. This rollback cuts U.S. tariffs on Chinese goods to 30% and Chinese tariffs on U.S. imports to 10%, giving companies breathing room to reset inventories and supply chains. However, President Trump clarified that tariffs could go "substantially higher" if a full deal with China wasn't reached during the 90-day pause, but not all the way back to the previous levels. Still, the agreement has cooled fears of a prolonged trade war, helping stabilize expectations for global growth and trade flows and fueling renewed optimism. The optimism appeared concentrated in key trade-sensitive sectors, particularly technology, retail, and industrials, as lower tariffs reduce cost pressures and restore cross-border demand. TransUnion is up 6.9% since the beginning of the year, but at $98.19 per share, it is still trading 9.6% below its 52-week high of $108.67 from October 2024. Investors who bought $1,000 worth of TransUnion's shares 5 years ago would now be looking at an investment worth $1,094. Here at StockStory, we certainly understand the potential of thematic investing. Diverse winners from Microsoft (MSFT) to Alphabet (GOOG), Coca-Cola (KO) to Monster Beverage (MNST) could all have been identified as promising growth stories with a megatrend driving the growth. So, in that spirit, we've identified a relatively under-the-radar profitable growth stock benefiting from the rise of AI, available to you FREE via this link. Sign in to access your portfolio
