NEW YORK (AP) — Microsoft has issued an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.
The company issued an alert to customers Saturday saying it was aware of the zero-day exploit — where hackers take advantage of a previously unknown vulnerability — being used to conduct attacks and that it was working to patch the issue. Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 software.
Cyber criminals often use zero-day exploits to steal sensitive data and passwords. The vulnerability also could allow hackers to access services connected to SharePoint, including OneDrive and Teams.
The company said in its blog post that it discovered at least dozens of systems were compromised around the world. Security engineers stated the attacks occurred in waves on July 18 and 19.
Although the scope of the attack is still being assessed, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that the impact could be widespread and recommended that any servers impacted by the exploit should be disconnected from the internet until they are patched.