Microsoft SharePoint zero-day breach hits 75 servers: Here's what the company said
zero-day vulnerability
in Microsoft SharePoint is being actively exploited by hackers. Tracked as
CVE-2025-53770
, the vulnerability is being actively exploited in a large-scale
cyberattack
which has led to the compromise of 75 company servers, including major corporations and US government agencies. This server security threat poses a serious threat to organisations which completely rely on the Microsoft collaboration platform. Microsoft has acknowledged the issue and has said that the company is actively working to release a security update for the vulnerability. 'Our team is actively working to release a security update and will provide additional details as they are available,' said the company.
Microsoft SharePoint vulnerability CVE-2025-53770: Key details
The Microsoft SharePoint vulnerability has 9.8 rating on the CVSS scale. The vulnerability which has impacted 75 company servers allows unauthenticated
remote code execution
by exploiting how SharePoint deserializes untrusted data. As per reports, the attackers are also using this vulnerability to steal the cryptographic keys and deploy persistent web shells which will grant them complete control over the affected systems.
It is also important to note that CVE-2025-53770 is a variant of CVE-2025-49706 which Microsoft patched with the July updates. The exploits invite ASPX payloads delivered via PowerShell, targeting the server's MachineKey configuration.
Who is affected by the Microsoft SharePoint vulnerability
This breach has impacted 75 servers of the company which makes it a widespread threat. So, presently, the SharePoint Server users running 2016, 2019, or Subscription Edition are the ones affected by this breach. The company has however confirmed that the SharePoint Online (Microsoft 365) is not impacted.
Sponsored Links
Sponsored Links
Promoted Links
Promoted Links
You May Like
Buy the Dip: Top 5 Dividend Stocks with Growth Potential
Seeking Alpha
Read More
Undo
by Taboola
by Taboola
What Microsoft said about the breach
Microsoft has acknowledged the vulnerability and is working on an emergency patch to address the flaw. 'Microsoft is aware of active attacks targeting on-premises SharePoint Server customers. The attacks are exploiting a variant of CVE-2025-49706. This vulnerability has been assigned CVE-2025-53770. SharePoint Online in Microsoft 365 is not impacted,' said the company.
'A patch is currently not available for this vulnerability. Mitigations and detections are provided below. Our team is actively working to release a security update and will provide additional details as they are available,' added the company.
Microsoft share guidelines for users
Microsoft has also shared some guidelines for users to protect their on-premises SharePoint Server environment. The company has asked the users to:
- Enable Antimalware Scan Interface (AMSI) integration and deploy Defender AV on all SharePoint servers
- If AMSI cannot be enabled, Microsoft recommends disconnecting servers from the internet
- Use Defender for Endpoint to detect post-exploit activity and monitor for suspicious file creation like spinstall0.aspx.
AI Masterclass for Students. Upskill Young Ones Today!– Join Now
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Indian Express
24 minutes ago
- Indian Express
Delhi govt unveils draft industrial policy to tackle red tape, attract investments
Dealing with regulatory 'inefficiencies' and bringing in a simpler registration and approval process is the way forward for Delhi to become a global business hub. This is at the core of the Delhi government's 'Draft Industrial Policy-2025-35', which aims to promote sectors such as banking, artificial intelligence and robotics. It also aims to promote the Research and Development (R&D) and Hospitality sectors to boost revenue and employment. The draft policy noted that the Capital's business environment suffers from 'significant regulatory inefficiencies' — including lengthy 4-6 month registration and licensing processes, multiple agency approvals, bureaucratic 'delays', 'corruption', and complex tax policies. This hinders businesses, especially SMEs, discourages FDI, and slows infrastructure development. 'To address this, Delhi must leverage AI-driven automation, digital governance, and investor-friendly frameworks to create a seamless and transparent economic ecosystem… so that Delhi can transform into a highly efficient and business-friendly hub, attracting investments, boosting employment, and accelerating economic growth,' reads the policy. The Industries Department has sought comments from the public and stakeholders on the draft. The steps recommended by the draft policy included implementing single-window business registration portals with blockchain verification for automated approvals and real-time tracking, inspired by Singapore's BizFile+ and Estonia's e-Residency. Enhancing regulatory transparency through blockchain-based systems to prevent manipulation and delays, as was in Dubai's Blockchain Strategy, accelerating commercial expansion and infrastructure development with one-stop digital approval systems and intimation-based regimes like Hong Kong's E-Submission Hub, were also suggested in the draft policy. 'The policy aims to harness the city's skilled human capital, create quality employment opportunities, and ensure inclusive, sustainable economic growth, while making optimal use of Delhi's limited land and environmental resources,' said officials. Under this policy, the government also aims to set up a Rs 400-crore venture capital fund. There are also plans to provide reimbursement of 50% fixed capital investment (including land) for five years for businesses in frontier-tech sectors up to a maximum limit of Rs 50 crore per project. In addition, there will be a 6% interest subsidy per annum for the first five years; reimbursement of 100% state GST for five years; 100% reimbursement of patent filing up to Rs 5 lakh per patent; and exemption of 50% on wheeling charges and transmission charges, on interstate purchase of power, reads the draft policy. Industrial areas in Baprola, Rani Khera and Kanjhawala have been earmarked for development of the frontier-tech services sector. Further, to boost the hospitality sector, the policy recommends permitting hotels and serviced apartments as part of commercial centres in industrial zones. The government has proposed a series of targeted interventions, including increasing hotel rooms near locations like ITPO at Pragati Maidan and Yashobhoomi for the hospitality sector under its policy. 'Facilitate the PPP model for developing tourism infrastructure at government facilities… Make Delhi a restaurant and bistro-friendly city with streamlined compliance and regulatory burden, and a reasonable alcohol policy,' reads the draft. An 'inter-departmental committee' will be formed to serve as a recommendatory body to the Cabinet for sanction of incentives across various sectors. A high-level review and monitoring committee will be constituted to monitor the implementation and progress of all the policy provisions regularly, said officials. Officials said the subsidies will be sanctioned by the Commissioner, Industries. Further, the draft policy recommends holding a Global Investor Summit and other events for promotion of the policy and industrial development in Delhi. There are a total of 32 planned and 27 unplanned industrial areas and 4 flatted factories in Delhi.
Time of India
35 minutes ago
- Time of India
Can't determine man's income from I-T return in maintenance case: HC
1 2 Kolkata: Income tax return cannot be conclusive proof of earning, and an individual's actual income would indeed be very different from the figures shown in the I-T return, the Calcutta High Court stated, reprimanding a man, seeking to lower the maintenance amount to his wife from the Rs 20,000 that a family court had set. The judge increased the maintenance amount to Rs 25,000 with a 5% hike every two years, considering the issue of automatic adjustment for inflation. The man, in his I-T return, showed an annual earning of Rs 5,13,890. "In the present time and age, there has been a drastic change in society concerning marital obligations. This sharp fluctuation demands a change in the judicial approach towards the grant of maintenance as well, as maintenance is no longer a handout to barely cover subsistence. Rather, it has now become a tool to preserve lifestyle stability. As a sequel, it fundamentally repositions spousal support as a continuity of living, not compensation for separation," Justice Bibhas Ranjan De said. You Can Also Check: Kolkata AQI | Weather in Kolkata | Bank Holidays in Kolkata | Public Holidays in Kolkata The court pointed out that the man was ready to pay Rs 15,000 to his driver but not Rs 20,000 to his estranged wife, with whom he had a son (25), and "who had spent a considerable period of her life with him". by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Gentle Japanese hair growth method for men and women's scalp Hair's Rich Learn More Undo "It would be pertinent to mention that any settlement to be arrived at between parties must take into account actual living standards and the cost of inflation. On the other hand, it reinforces the idea that women, who have devoted years to domestic responsibilities, deserve to maintain a comparable life after separation," the HC held. The woman had approached the Calcutta HC, seeking an increase in the maintenance amount from Rs 20,000 to Rs 30,000, But the man argued for a reduction, citing his retirement from service, his own medical expenses and the fact that their son, now 25, was no longer dependent. In response to his I-T return statement, the HC said, "The figures reported therein are subject to taxpayer's understanding and interpretation, which is not always accurate or comprehensive. In addition to that, there is always a possibility of under-reporting... . That is why courts often look beyond I-T returns while determining a person's income, especially in proceedings such as maintenance cases."
Time of India
an hour ago
- Time of India
Pisces Daily Horoscope Today, July 22, 2025: Protect your energy with limits
Today reminds you to draw a line between your peace and outside pressure. Say no without guilt if something does not feel right. Your time, mind and heart deserve care. Boundaries are not about rejection but about self-respect. You are being asked to protect your inner world so it can grow strong and peaceful. Honour your space. Only then can you truly connect with others. Pisces Love Horoscope Today In love, emotional boundaries will help your relationship stay healthy. If your partner is demanding more than you can give, speak softly but clearly. Love does not mean ignoring your own needs. If you are single, avoid giving too much too soon. Let the other person show effort too. Be kind, but also aware of your emotional energy. Today is about balanced love, where both care and respect flow equally. Love grows when there is freedom, not pressure. Pisces Career Horoscope Today In career, someone may ask for extra help or involvement. Think before agreeing. If your plate is already full, it's okay to say no. Protect your focus and energy. Do your tasks with calm and quality, not speed. Boundaries will help you work better and avoid burnout. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like 5 Books Warren Buffett Wants You To Read in 2025 Blinkist: Warren Buffett's Reading List Undo You are not being difficult; you are taking care of your limits. Today, self-discipline and clear communication will help your work feel more peaceful. Pisces Money Horoscope Today Money matters today require careful planning and emotional distance. Don't lend money unless you are fully comfortable with the situation. Emotional guilt should not guide your financial choices. Review your budget and make sure your spending is supporting your needs, not others' expectations. A calm conversation around money may be needed with someone close. Let your financial boundaries support your peace. Save for your future and avoid emotional purchases today. When your money is guarded wisely, peace of mind increases. Pisces Health Horoscope Today Health may feel sensitive if you ignore your personal space or rest. Emotional tiredness can turn into physical fatigue. Respect your body's need for rest and quiet. Avoid late nights, loud places and too much screen time. Create a simple routine with enough breathing room. Light food, herbal tea and moments of silence can bring great healing. Stay away from those who drain your energy. Today, health is not just about what you eat, but how gently you treat your inner world. Discover everything about astrology at Times of India , including daily horoscopes for Aries , Taurus , Gemini , Cancer , Leo , Virgo , Libra , Scorpio , Sagittarius , Capricorn , Aquarius , and Pisces . Read your detailed Horoscope Today and Horoscope Tomorrow here.
