What to know about a vulnerability being exploited on Microsoft SharePoint servers

Asahi Shimbun, 6 days ago
The Microsoft company logo is displayed at their offices in Sydney, Australia, on Feb. 3, 2021. (AP Photo)
NEW YORK--Microsoft has issued an emergency fix to close off a vulnerability in Microsoft's widely-used SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some U.S. government agencies.
The company issued an alert to customers Saturday saying it was aware of the zero-day exploit being used to conduct attacks and that it was working to patch the issue. Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 software.
'Anybody who's got a hosted SharePoint server has got a problem,' said Adam Meyers, senior vice president with CrowdStrike, a cybersecurity firm. 'It's a significant vulnerability.'
Companies and government agencies around the world use SharePoint for internal document management, data organization and collaboration.
A zero-day exploit is a cyberattack that takes advantage of a previously unknown security vulnerability. 'Zero-day' refers to the fact that security engineers have had zero days to develop a fix for the vulnerability.
According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the exploit affecting SharePoint is 'a variant of the existing vulnerability CVE-2025-49706 and poses a risk to organizations with on-premise SharePoint servers.'
Security researchers warn that the exploit, reportedly known as 'ToolShell,' is a serious one and can allow actors to fully access SharePoint file systems, including services connected to SharePoint, such as Teams and OneDrive.
Google's Threat Intelligence Group warned that the vulnerability may allow bad actors to 'bypass future patching.'
Eye Security said in its blog post that it scanned over 8,000 SharePoint servers worldwide and discovered that at least dozens of systems were compromised. The cybersecurity company said the attacks likely began on July 18.
Microsoft said the vulnerability affects only on-site SharePoint servers used within businesses or organizations and does not affect Microsoft's cloud-based SharePoint Online service.
But Michael Sikorski, CTO and Head of Threat Intelligence for Unit 42 at Palo Alto Networks, warns that the exploit still leaves many potentially exposed to bad actors.
'While cloud environments remain unaffected, on-prem SharePoint deployments — particularly within government, schools, health care including hospitals, and large enterprise companies — are at immediate risk.'
The vulnerability affects SharePoint server software, so customers of that product will want to follow Microsoft's guidance immediately and patch their on-site systems.
Although the scope of the attack is still being assessed, CISA warned that the impact could be widespread and recommended that any servers affected by the exploit be disconnected from the internet until they are patched.
'We are urging organizations who are running on-prem SharePoint to take action immediately and apply all relevant patches now and as they become available, rotate all cryptographic material, and engage professional incident response. An immediate, band-aid fix would be to unplug your Microsoft SharePoint from the internet until a patch is available,' Sikorski advises.