SharePoint
Urgent SharePoint Update: If you're referring to Microsoft SharePoint, there's a major development you should know about. A critical zero-day vulnerability (CVE-2025-53770) is actively being exploited, targeting on-premises SharePoint servers across sectors like government, healthcare, and education.
Key Details:
Impact: Over 75 servers compromised, with 9,000+ exposed globally
Threat: Attackers are stealing cryptographic keys, bypassing MFA, and executing remote code
Versions Affected: SharePoint Server 2016, 2019, and Subscription Edition (SharePoint Online is not impacted)
Indicators of Compromise: Look for suspicious file spinstall0.aspx and unusual outbound traffic
Immediate Actions Recommended:
Apply patches: Microsoft has released updates for 2019 and Subscription Edition; 2016 patch is pending
Rotate keys: Reset MachineKey configurations and restart IIS
Isolate servers: Disconnect from the internet if patching is delayed
Assume breach: Begin incident response and forensic investigation
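
For the forensic step, one way to check IIS logs for requests to the spinstall0.aspx indicator named above. This is an added example, not code from Microsoft or from the original post; the sample log, its URL paths and the function name find_ioc_hits are constructed for illustration, and the log is assumed to be in IIS W3C extended format.

```python
import posixpath

IOC_FILENAME = "spinstall0.aspx"  # file name given in the advisory above

# Constructed sample log in IIS W3C extended format (not real traffic).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2025-01-01 10:00:01 GET /sites/team/default.aspx - 192.0.2.10 200
2025-01-01 10:00:07 GET /example/path/SpInstall0.aspx - 198.51.100.7 200
2025-01-01 10:00:09 GET /example/path/spinstall0.aspx - 203.0.113.5 404
2025-01-01 10:00:12 POST /sites/team/upload.aspx name=spinstall0.aspx 192.0.2.11 200
"""

def find_ioc_hits(log_text, ioc=IOC_FILENAME):
    """Return one dict per request whose URI stem names the IoC file."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            # The header can reappear mid-file when logging settings change,
            # so column positions are re-read every time it is seen.
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split(" ")
        if len(values) != len(fields):
            continue  # malformed or truncated line
        row = dict(zip(fields, values))
        # Windows file names are case-insensitive, so compare in lower case.
        name = posixpath.basename(row.get("cs-uri-stem", "")).lower()
        if name == ioc.lower():
            hits.append({
                "when": row.get("date", "") + " " + row.get("time", ""),
                "c-ip": row.get("c-ip", ""),
                "cs-method": row.get("cs-method", ""),
                "sc-status": row.get("sc-status", ""),
                # A 200 means the server returned the file, i.e. it exists.
                "served": row.get("sc-status") == "200",
            })
    return hits

if __name__ == "__main__":
    for hit in find_ioc_hits(SAMPLE_LOG):
        print(hit)
```

A hit with served set to True means the file was present on the server when requested; a 404 hit still records a client address that asked for it.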