Microsoft Issues Urgent Security Patch For SharePoint After "Active Attacks"
Tech giant Microsoft has issued urgent security patch after observing "active attacks" on server software used by government agencies and businesses to share documents within organisations.
According to Microsoft, the vulnerabilities apply only to SharePoint servers used within organisations. SharePoint Online in Microsoft 365, which is in the cloud, was not hit by the attacks, the organisation informed.
"Microsoft is aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update," said the tech giant in ints security advisory.
The company recommended security updates that customers should apply immediately.
The US Federal Bureau of Investigation (FBI) also said it is aware of the attacks and is working closely with its federal and private-sector partners.
The vulnerability is related to a case of remote code execution that arises due to the deserialization of untrusted data in on-premise versions of Microsoft SharePoint Server.
Microsoft said the current published content is correct and that the previous inconsistency does not impact the company's guidance for customers.
"After applying the latest security updates above or enabling AMSI, it is critical that customers rotate SharePoint server ASP.NET machine keys and restart IIS on all SharePoint servers," Microsoft said.
"If you cannot enable AMSI, you will need to rotate your keys after you install the new security update," its added.
The US Cybersecurity and Infrastructure Security Agency (CISA) has added 'CVE-2025-53770' vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by July 21, 2025.
"Microsoft has released security updates that fully protect customers using SharePoint Subscription Edition and SharePoint 2019 against the risks posed by CVE-2025-53770, and CVE-2025-53771. Customers should apply these updates immediately to ensure they're protected," said the company in its security update.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Hindu
2 hours ago
- The Hindu
Logistics and warehousing policy to be announced soon: Sirsa
The Delhi government will soon launch the Logistics and Warehousing Policy, 2025, said Industries Minister Manjinder Singh Sirsa on Sunday. The government is exploring dedicated logistics hubs, green freight corridors, and technology-driven solutions, as the policy, which aims to ease congestion, curb pollution, and boost ease of doing business, is expected to be made public in 15 days, according to the Minister's office. The policy will be structured around 16 key action points, which collectively aim to overhaul Delhi's logistics landscape, including 24/7 operations for logistics parks through amendments to the Model Shops Act, digital delivery management to optimize truck movement and reduce peak-hour traffic, and merging trade and establishment licenses to cut red tape for warehousing businesses and others. 'This is a game-changer policy. It will make our logistics ecosystem cleaner, faster, and more competitive. Traders will gain, commuters will breathe easier, and Delhi will set a benchmark for sustainable urban freight,' Mr. Sirsa said. Mr. Sirsa said that Delhi currently handles 10 lakh tonnes of freight per day through 1.93 lakh vehicles, 21% of which passes through traffic. The largest share is carried by trucks transporting building materials (4,132 vehicles/day), textiles (3,995), fruits and vegetables (2,569), and food products (2,468). Even pharmaceuticals (559) and automobiles (588) contribute to congestion. 'Without proper warehousing zones, these vehicles enter city interiors, clogging major routes and worsening pollution,' Mr. Sirsa said. The Minister said that the draft policy proposes relocating warehouses to the periphery, consolidating freight at three modern Urban Consolidation and Logistics Distribution Centres to be built on city outskirts with incentives for traders and shifting last-mile deliveries to electric and CNG vehicles. 'These measures will cut vehicular emissions and reduce congestion at hotspots like Azadpur, Ghazipur, Naraina, and Karol Bagh, delivering a significant win for air quality,' he added.
India.com
3 hours ago
- India.com
Bad news for employees of Ratan Tata's TCS, Satya Nadella's Microsoft, Intel as they plan to sack 50,000 employees due to...
Narayan Murthy and Late Ratan Tata- File image IT sector layoff: In a significant bad news for the global tech and IT sector and its millions of employees , three industry giants, Intel, Microsoft, and Tata Consultancy Services (TCS) have collectively announced over 50,000 job cuts in just one week. Readers should note that the massive layoffs wave mark one of the most significant employment disruptions in recent memory. Here are all the details you need to know about the massive layoff wave in the IT sector. Which IT jobs are under risk? Driven by the rapid adoption of artificial intelligence and shifting business priorities amid a broader push toward cost optimization, the major IT companies are taking the decision to reduce their workforce. The world already knows that Microsoft is planning to cut around 9,100 jobs globally, primarily targeting its Xbox, software, and cloud divisions as the company pivots more aggressively toward AI and flattens management structures. Which IT companies are firing on mass scale? Another major company, Intel, which is facing profitability pressures, is slashing over 5,000 roles across multiple US states as part of its strategy to become leaner and more agile. In another update, Ratan TCS, which is India's largest IT firm is trimming about 2% of its workforce, which may possibly impact more than 12,000 employees, especially at the mid- and senior levels, as automation. Why are IT companies doing mass-layoff? Experts say that these large-scale layoffs highlight a deeper structural shift across the tech industry, where AI is not just a tool but a trigger for disruption. As the IT companies are prioritizing more and more innovation and efficiency, traditional roles which were done by humans are rapidly being redefined or replacement.
Mint
4 hours ago
- Mint
TCS to lay off over 12,000 employees this year; mid, senior level staff to be impacted
New Delhi, Jul 27 (PTI) India's largest IT services firm, Tata Consultancy Services (TCS), is set to lay off about 2 per cent, or 12,261 employees, of its global workforce this year, with the majority of those impacted belonging to middle and senior grades. As of June 30, 2025, TCS's workforce stood at 6,13,069. It increased its workforce by 5,000 employees in the recently concluded April-June quarter. The move is part of the company's broader strategy to become a "future-ready organisation", focusing on investments in technology, AI deployment, market expansion, and workforce realignment, TCS said in a statement. "TCS is on a journey to become a Future-Ready organisation. This includes strategic initiatives on multiple fronts, including investing in new-tech areas, entering new markets, deploying AI at scale for our clients and ourselves, deepening our partnerships, creating next-gen infrastructure, and realigning our workforce model. "Towards this, a number of reskilling and redeployment initiatives have been underway. As part of this journey, we will also be releasing associates from the organisation whose deployment may not be feasible. This will impact about 2 per cent of our global workforce, primarily in the middle and the senior grades, over the course of the year," it said. TCS will provide appropriate benefits, outplacement, counselling, and support to the impacted employees, it added The move comes at a time when India's top IT services companies have delivered single-digit revenue growth in Q1FY26, capping off a somewhat-sobering June quarter as macroeconomic instability and geopolitical tensions weighed on global tech demand and delayed client decision-making. For TCS, the revenue rose 1.3 per cent year-on-year to ₹ 63,437 crore, bottomline improved 5.9 per cent to ₹ 12,760 crore in Q1FY26. TCS MD and Chief Executive K Krithivasan recently said the company is experiencing a "demand contraction" due to the continued uncertainties on the macroeconomic and geopolitical fronts, and added that he does not see a double-digit revenue growth in FY26. Krithivasan explained the delays in decision-making experienced in the preceding quarter have "intensified" now, and hoped for the discretionary spends - a prime mover of revenue growths for IT companies - would return once the uncertainties ebb. Microsoft, the second most valuable publicly listed company after Nvidia globally, has so far laid off over 15,000 employees in 2025, that is 7 per cent of the company's global workforce. In a memo to over 200,000 employees last week, Microsoft CEO Satya Nadella said the layoffs this year have been "weighing heavily" on him. "This is the enigma of success in an industry that has no franchise value,' he said in the memo to staff. He added: "Progress isn't linear. It's dynamic, sometimes dissonant, and always demanding. But it's also a new opportunity for us to shape, lead through, and have greater impact than ever before." According to - a platform that tracks global tech industry layoffs - over 80,000 tech workers have been laid off across 169 tech companies in 2025 alone. In 2024, that number stood at a staggering 1.5 lakh across 551 tech companies - the stark numbers coinciding as much with global macroeconomic woes as with deep debate in tech circles about the impact of AI on job roles, workforce, and employability.
