Critical Microsoft SharePoint Vulnerabilities Exploited: Urgent Patching Required
Critical Microsoft SharePoint Vulnerabilities Exploited: Urgent Patching Required
On July 13, 2025, Microsoft disclosed two critical zero-day vulnerabilities in its SharePoint platform, allowing unauthenticated remote code execution. These vulnerabilities have been actively exploited, with over 75 confirmed compromises reported across sectors such as finance and healthcare. The severity of these threats has led cybersecurity professionals to urge immediate patching of affected systems. Microsoft has released patches, and organizations are advised to implement them without delay to mitigate the risks associated with these vulnerabilities. The CVEs associated with these vulnerabilities have been assigned high CVSS scores, underlining their critical nature. As the threat landscape continues to evolve, timely updates and vigilance are paramount for all organizations.
Also In Security Today
- Ingram Micro Ransomware Attack: IT distributor Ingram Micro was hit by a ransomware attack from the SafePay group, leading to significant operational disruptions and estimated losses of $136 million daily during the shutdown.
- NightEagle APT Targets Microsoft Exchange: The advanced persistent threat group NightEagle has been exploiting unpatched vulnerabilities in Microsoft Exchange to conduct data theft in China’s high-tech sectors since 2023, showcasing the ongoing risk of APT activities.
- Shifting Cybersecurity Landscape: July's cybersecurity trends reveal a troubling increase in actively exploited vulnerabilities across various platforms, emphasizing the need for robust cybersecurity measures as organizations face sophisticated threats.