Our Bureau
Mumbai
Microsoft has been facing constant trouble because of the hackers carrying out large-scale cyberattacks on the servers of their company. It is being stated that hackers have found an unpatched and critical zero-day vulnerability in Microsoft SharePoint tracked as CVE-2025-53770. It has led to more than 75 servers of the company being hampered including servers of many big-time corporations and government agencies of the United States.
It is major news for the companies that operate on Microsoft collaboration platform as they face heavy security threats due to the cyber attacks. Microsoft has acknowledged the security issue and the company has stated that they are actively working on providing security updates and other details on the matter. The company said, “Our team is actively working to release a security update and will provide additional details as they are available.”
As per the reports, Microsoft SharePoint has a vulnerability rating of 9.8 on the CVSS scale. The cyberattacks that have happened actually allow unauthenticated remote code execution by exploiting how SharePoint deserializes untrusted data.
The attackers are using this vulnerability to steal cryptographic keys and deploy persistent web shells that will allow them complete access to the affected systems. It is also to be highlighted that this CVE-2025-53770 is actually a variant of their CVE-2025-49706 bug which the company patched in the updates they shared this month.
The company has reported that the people who are currently using the 2016, 2019, or Subscription Edition of Microsoft SharePoint are the ones that are affected by the security breach. They have also cleared that the people who are using SharePoint Online through Microsoft 365 don’t really have to worry about their security as the cyberattacks cannot get to them.
