{"id":352714,"date":"2025-07-24T11:38:32","date_gmt":"2025-07-24T15:38:32","guid":{"rendered":"https:\/\/msftnewsnow.com\/?p=352714"},"modified":"2025-07-24T11:41:19","modified_gmt":"2025-07-24T15:41:19","slug":"sharepoint-zero-day-attacks-surge-over-400-orgshit","status":"publish","type":"post","link":"https:\/\/msftnewsnow.com\/sharepoint-zero-day-attacks-surge-over-400-orgshit\/","title":{"rendered":"SharePoint Zero-Day Attacks Surge: Over 400 Organizations Breached Amid Critical Microsoft Vulnerabilities"},"content":{"rendered":"<div class=\"relative\">\n<div class=\"prose text-pretty dark:prose-invert inline leading-normal break-words min-w-0 [word-break:break-word]\">\n<p>A wave of cyberattacks <a href=\"https:\/\/msftnewsnow.com\/chinese-hackers-exploit-sharepoint-vulnerabilities\/\" target=\"_blank\" rel=\"noopener\">linked to Chinese-backed threat actors<\/a> is sweeping across global enterprises, exploiting multiple zero-day vulnerabilities in Microsoft <a href=\"https:\/\/msftnewsnow.com\/tag\/sharepoint\" target=\"_blank\" rel=\"noopener\">SharePoint<\/a>. These coordinated attacks\u2014leveraging CVE-2025-49704, CVE-2025-49706, and newly identified patch bypasses CVE-2025-53770 and CVE-2025-53771\u2014are fueling both ransomware outbreaks and strategic espionage campaigns. At least 400 organizations have been breached as of July 24, 2025 (<a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2025-07-23\/tally-of-microsoft-victims-surges-as-hackers-race-to-capitalize\" target=\"_blank\" rel=\"noopener\">via <em>Bloomberg<\/em><\/a>), with high-profile targets <a href=\"https:\/\/msftnewsnow.com\/microsoft-sharepoint-zero-day-hacks-us-nuclear-set\/\" target=\"_blank\" rel=\"noopener\">including the U.S. Nuclear Agency<\/a>, critical infrastructure, and major enterprises.<\/p>\n<h2 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>SharePoint Zero-Day Vulnerabilities Involved<\/strong><\/h2>\n<p><a href=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&lossy=1&quality=88&sharp=1&w=2560&ssl=1\"><img decoding=\"async\" data-attachment-id=\"352735\" data-permalink=\"https:\/\/msftnewsnow.com\/sharepoint-zero-day-attacks-surge-over-400-orgshit\/download-3-2\/#main\" data-orig-file=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" data-orig-size=\"1024,576\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;{\\&quot;prompt\\&quot;:\\&quot;SharePoint Zero-Day Attacks Surge\\&quot;,\\&quot;originalPrompt\\&quot;:\\&quot;SharePoint Zero-Day Attacks Surge\\&quot;,\\&quot;width\\&quot;:1024,\\&quot;height\\&quot;:576,\\&quot;seed\\&quot;:42,\\&quot;model\\&quot;:\\&quot;flux\\&quot;,\\&quot;enhance\\&quot;:false,\\&quot;nologo\\&quot;:true,\\&quot;negative_prompt\\&quot;:\\&quot;undefined\\&quot;,\\&quot;nofeed\\&quot;:false,\\&quot;safe\\&quot;:false,\\&quot;quality\\&quot;:\\&quot;medium\\&quot;,\\&quot;image\\&quot;:[],\\&quot;transparent\\&quot;:false,\\&quot;isMature\\&quot;:false,\\&quot;isChild\\&quot;:false}&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;1&quot;}\" data-image-title=\"download (3)\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" data-large-file=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" class=\"alignnone size-full wp-image-352735\" src=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&lossy=1&quality=88&sharp=1&ssl=1\" alt=\"SharePoint Zero-Day Attacks Surge: Over 400 Organizations Breached Amid Critical Microsoft Vulnerabilities\" width=\"1024\" height=\"576\" srcset=\"https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;ssl=1 1024w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3-150x84.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;ssl=1 150w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=204&amp;ssl=1 204w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=409&amp;ssl=1 409w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=614&amp;ssl=1 614w, https:\/\/e7drz69p964.exactdn.com\/wp-content\/uploads\/2025\/07\/download-3.jpg?strip=all&amp;lossy=1&amp;quality=88&amp;sharp=1&amp;w=819&amp;ssl=1 819w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p class=\"my-0\">Recent investigations have uncovered four critical flaws at the heart of this campaign:<\/p>\n<div class=\"group relative\">\n<div class=\"w-full overflow-x-auto md:max-w-[90vw] border-borderMain\/50 ring-borderMain\/50 divide-borderMain\/50 dark:divide-borderMainDark\/50 dark:ring-borderMainDark\/50 dark:border-borderMainDark\/50 bg-transparent\">\n<table class=\"border-borderMain my-[1em] w-full table-auto border\">\n<thead class=\"bg-offset\">\n<tr>\n<th class=\"border-borderMain px-sm py-sm dark:border-borderMainDark break-normal border text-left align-top\">CVE-ID<\/th>\n<th class=\"border-borderMain px-sm py-sm dark:border-borderMainDark break-normal border text-left align-top\">Description<\/th>\n<th class=\"border-borderMain px-sm py-sm dark:border-borderMainDark break-normal border text-left align-top\">Patch Status<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">CVE-2025-49704<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Remote code execution in SharePoint<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Patch released, but exploits continue<\/td>\n<\/tr>\n<tr>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">CVE-2025-49706<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Authentication bypass vulnerability<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Patch released, attackers still active<\/td>\n<\/tr>\n<tr>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">CVE-2025-53770<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Patch bypass for previous zero-days<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">No comprehensive fix<\/td>\n<\/tr>\n<tr>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">CVE-2025-53771<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">Improper validation enabling privilege escalation<\/td>\n<td class=\"border-borderMain px-sm dark:border-borderMainDark min-w-[48px] break-normal border\">No comprehensive fix<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<div class=\"px-two bg-background border-border shadow-subtle pointer-coarse:opacity-100 right-xs absolute bottom-0 flex gap-2 rounded-lg border py-px opacity-0 transition-opacity group-hover:opacity-100\">\n<div>\n<div class=\"flex items-center min-w-0 font-medium gap-1 justify-center\">\n<div class=\"flex shrink-0 items-center justify-center size-3.5\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p class=\"my-0\">These loopholes allow attackers to:<\/p>\n<ul class=\"marker:text-textOff list-disc\">\n<li>\n<p class=\"my-0\">Steal admin credentials and sensitive data.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\">Deploy ransomware that cripples organizations\u2019 business operations.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\">Establish backdoors for ongoing espionage activities.<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>How the Attacks Unfold<\/strong><\/h2>\n<h3 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>Step 1: Initial Exploitation<\/strong><\/h3>\n<p class=\"my-0\">Attackers target unpatched or partially patched SharePoint servers using weaponized exploits. Once inside, they quickly escalate privileges and move laterally within affected networks.<\/p>\n<h3 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>Step 2: Payload Deployment<\/strong><\/h3>\n<p class=\"my-0\">Threat actors deploy ransomware, disrupt mission-critical operations, and in many cases exfiltrate confidential data\u2014sometimes selling it on dark web forums or using it for extortion.<\/p>\n<h3 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>Step 3: Espionage &amp; Persistence<\/strong><\/h3>\n<p class=\"my-0\">Evidence points to continued presence on compromised systems, suggesting a dual strategy of financial extortion and state-sponsored espionage, particularly against government agencies and vital infrastructure.<\/p>\n<h2 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>Global Impact<\/strong><\/h2>\n<ul class=\"marker:text-textOff list-disc\">\n<li>\n<p class=\"my-0\"><strong>Victim Count<\/strong>: Over 400 organizations confirmed breached worldwide.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Sectors Hit<\/strong>: High-profile victims include U.S. government agencies (notably the U.S. Nuclear Agency), financial institutions, healthcare organizations, and Fortune 500 companies.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Ransomware Fallout<\/strong>: Numerous organizations report paralyzed networks, locked files, financial losses from ransom demands, and enduring reputational damage.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Espionage Concerns<\/strong>: Attackers have allegedly accessed sensitive, classified, or proprietary data, raising the stakes for governments and private companies alike.<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>Microsoft\u2019s Response and Ongoing Scrutiny<\/strong><\/h2>\n<p class=\"my-0\">Microsoft has acknowledged the severity of these attacks and <a href=\"https:\/\/msftnewsnow.com\/microsoft-sharepoint-zero-day-attack-toolshell\/\" target=\"_blank\" rel=\"noopener\">issued urgent guidance for SharePoint customers<\/a>. The company:<\/p>\n<ul class=\"marker:text-textOff list-disc\">\n<li>\n<p class=\"my-0\">Released partial patches for CVE-2025-49704 and CVE-2025-49706 but has not fully mitigated newer bypasses (CVE-2025-53770, CVE-2025-53771).<\/p>\n<\/li>\n<li>\n<p class=\"my-0\">Recommends immediate patching where possible, enhanced log monitoring, and further isolation of vulnerable systems.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\">Faces criticism from security researchers and IT administrators for a perceived delay in addressing the full spectrum of the vulnerabilities and for not providing comprehensive fixes fast enough.<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>Guidance for IT Teams<\/strong><\/h2>\n<ul class=\"marker:text-textOff list-disc\">\n<li>\n<p class=\"my-0\"><strong>Patch immediately:<\/strong> Apply available updates to all on-premises SharePoint instances.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Implement network segmentation:<\/strong> Restrict access to SharePoint servers from the public internet.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Enable advanced monitoring:<\/strong> Use endpoint protection and SIEM tools to watch for signs of lateral movement, privilege escalation, and known IOCs.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Backups:<\/strong> Ensure that backups are regularly updated, tested, and kept offline to defend against ransomware.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Incident Response:<\/strong> Review Microsoft\u2019s latest mitigation steps and prepare incident response playbooks for potential breaches.<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>Debate Over On-Premises SharePoint Deployments<\/strong><\/h2>\n<p class=\"my-0\">Despite Microsoft\u2019s cloud-first push, thousands of organizations worldwide still rely on on-premises SharePoint for sensitive document management. The current zero-day crisis renews questions about:<\/p>\n<ul class=\"marker:text-textOff list-disc\">\n<li>\n<p class=\"my-0\">The wisdom of sustaining local deployments versus migrating to Microsoft 365 cloud services.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\">The difficulty IT teams face in keeping on-premises servers up-to-date, especially with incomplete or evolving patch cycles.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\">Whether Microsoft\u2019s cloud platforms provide better intrinsic security or simply shift the attack surface elsewhere.<\/p>\n<\/li>\n<\/ul>\n<h2 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>Security Community and Industry Reactions<\/strong><\/h2>\n<p class=\"my-0\">Prominent cybersecurity firms and U.S. policymakers are pressing Microsoft to:<\/p>\n<ul class=\"marker:text-textOff list-disc\">\n<li>\n<p class=\"my-0\">Provide rapid, full-spectrum patches\u2014not just workarounds or \u201cband-aid\u201d fixes.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\">Increase transparency about exploitation timelines and reconnaissance by threat actors.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\">Consider automatic patching models for critical vulnerabilities in key software like SharePoint.<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-0\">Recent industry roundtables echo the urgency: \u201cThese flaws underline the high, persistent risk facing any organization running core Microsoft infrastructure on-premises, especially when attackers weaponize their detection of patch gaps against mission-critical services.\u201d<\/p>\n<h2 class=\"mb-xs mt-5 text-base font-[500] first:mt-0 dark:font-[475]\"><strong>What\u2019s Next?<\/strong><\/h2>\n<ul class=\"marker:text-textOff list-disc\">\n<li>\n<p class=\"my-0\"><strong>Ongoing Exploitation:<\/strong> Security analysts expect further victim disclosures as investigations continue and additional groups attempt to exploit the same weaknesses.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Regulatory Pressure:<\/strong> With government agencies hit, expect deeper scrutiny from regulators regarding how Microsoft and large organizations manage vulnerability disclosure, patching, and risk\u2014possibly spurring new policy mandates.<\/p>\n<\/li>\n<li>\n<p class=\"my-0\"><strong>Wider Attack Campaigns:<\/strong> Copycat actors are likely to target organizations slow to update, prolonging the threat window.<\/p>\n<\/li>\n<\/ul>\n<p class=\"my-0\">Organizations must act immediately to secure their systems, remain vigilant for signs of compromise, and implement layered defense strategies given the evolving tactics of state-backed and criminal hacker groups.<\/p>\n<p class=\"my-0\">The July 2025 Microsoft SharePoint zero-day crisis is a decisive wake-up call for the global community. With hundreds of organizations breached\u2014<a href=\"https:\/\/msftnewsnow.com\/microsoft-sharepoint-zero-day-hacks-us-nuclear-set\/\" target=\"_blank\" rel=\"noopener\">including the U.S. Nuclear Agency<\/a>\u2014security posture for legacy, on-premises SharePoint must be urgently reevaluated. Microsoft\u2019s response, the speed of patch deployment, and the ability of organizations to adapt will determine the lasting impact of this major cyber incident.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>A wave of cyberattacks linked to Chinese-backed threat actors is sweeping across global enterprises, exploiting multiple zero-day vulnerabilities in Microsoft SharePoint. These coordinated attacks\u2014leveraging CVE-2025-49704, CVE-2025-49706, and newly identified patch bypasses CVE-2025-53770 and CVE-2025-53771\u2014are fueling both ransomware outbreaks and strategic espionage campaigns. At least 400 organizations have been breached as of July 24, 2025 (via &#8230; <a title=\"SharePoint Zero-Day Attacks Surge: Over 400 Organizations Breached Amid Critical Microsoft Vulnerabilities\" class=\"read-more\" href=\"https:\/\/msftnewsnow.com\/sharepoint-zero-day-attacks-surge-over-400-orgshit\/\" aria-label=\"Read more about SharePoint Zero-Day Attacks Surge: Over 400 Organizations Breached Amid Critical Microsoft Vulnerabilities\">Read more<\/a><\/p>\n","protected":false},"author":208461344,"featured_media":352725,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"enabled":false},"version":2}},"categories":[24,2448],"tags":[1348,1271,778,668,1083,1188,1510],"class_list":["post-352714","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-microsoft-365-and-office","tag-authentication","tag-cybersecurity","tag-microsoft","tag-microsoft-365","tag-security","tag-sharepoint","tag-surface"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/image.jpeg","jetpack_shortlink":"https:\/\/wp.me\/pfgCZY-1tKW","jetpack-related-posts":[{"id":351573,"url":"https:\/\/msftnewsnow.com\/microsoft-sharepoint-zero-day-hacks-us-nuclear-set\/","url_meta":{"origin":352714,"position":0},"title":"Microsoft SharePoint Zero-Day Exploit Exposes U.S. National Nuclear Security Administration (NNSA)","author":"Dave W. Shanahan","date":"July 23, 2025","format":false,"excerpt":"A severe zero-day vulnerability in Microsoft SharePoint Server has triggered a cybersecurity crisis, culminating in breaches of over 50 organizations, including the U.S. National Nuclear Security Administration (NNSA) \u2014 the agency responsible for America\u2019s nuclear arsenal security. As reported by Bloomberg, Microsoft and federal authorities confirm that the exploit has\u2026","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Microsoft SharePoint Zero-Day Exploit Exposes U.S. National Nuclear Security Administration (NNSA)","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/download.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/download.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/download.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/download.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":351492,"url":"https:\/\/msftnewsnow.com\/chinese-hackers-exploit-sharepoint-vulnerabilities\/","url_meta":{"origin":352714,"position":1},"title":"Microsoft Says Chinese State Actors Exploit New SharePoint Vulnerabilities: CVE-2025-53770, CVE-2025-49704, CVE-2025-49706, and CVE-2025-53771, Immediate Security Updates Required","author":"Dave W. Shanahan","date":"July 22, 2025","format":false,"excerpt":"Microsoft has sounded the alarm after discovering ongoing, active exploitation of multiple critical SharePoint vulnerabilities in on-premises SharePoint Server deployments. The Microsoft Security Response Center (MSRC) blog published on July 19, 2025, reveals that Chinese nation-state actors, including Linen Typhoon, Violet Typhoon, and Storm-2603, are targeting CVE-2025-53770, CVE-2025-49704, CVE-2025-49706, and\u2026","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Chinese State Actors Exploit New SharePoint Vulnerabilities: CVE-2025-53770, CVE-2025-49704, CVE-2025-49706, and CVE-2025-53771, Microsoft Urges Immediate Security Updates","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/07\/png-transparent-microsoft-sharepoint-server-microsoft-project-web-part-document-share-blue-text-trademark.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/07\/png-transparent-microsoft-sharepoint-server-microsoft-project-web-part-document-share-blue-text-trademark.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/07\/png-transparent-microsoft-sharepoint-server-microsoft-project-web-part-document-share-blue-text-trademark.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2024\/07\/png-transparent-microsoft-sharepoint-server-microsoft-project-web-part-document-share-blue-text-trademark.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":350079,"url":"https:\/\/msftnewsnow.com\/july-2025-microsoft-patch-tuesday-vulnerabilities\/","url_meta":{"origin":352714,"position":2},"title":"July 2025 Microsoft Patch Tuesday: 137 Vulnerabilities Fixed, One Zero-Day in SQL Server, Critical Office and AMD Flaws","author":"Dave W. Shanahan","date":"July 8, 2025","format":false,"excerpt":"Microsoft has released its July 2025 Patch Tuesday security updates, addressing a sweeping total of 137 vulnerabilities across its product portfolio. This month\u2019s Microsoft Patch Tuesday cycle is headlined by a publicly disclosed zero-day vulnerability in Microsoft SQL Server, alongside a host of critical flaws in Microsoft Office, SharePoint, and\u2026","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"July 2025 Microsoft Patch Tuesday: 137 Vulnerabilities Fixed, One Zero-Day in SQL Server, Critical Office and AMD Flaws","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/avdd8ckrtwd25gzo2tnu-scaled.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/avdd8ckrtwd25gzo2tnu-scaled.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/avdd8ckrtwd25gzo2tnu-scaled.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/avdd8ckrtwd25gzo2tnu-scaled.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/avdd8ckrtwd25gzo2tnu-scaled.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":351371,"url":"https:\/\/msftnewsnow.com\/microsoft-sharepoint-zero-day-attack-toolshell\/","url_meta":{"origin":352714,"position":3},"title":"Critical Microsoft SharePoint Zero-Day Attack CVE-2025-53770 Exposes On-Premises Servers, Emergency Guidance Issued","author":"Dave W. Shanahan","date":"July 20, 2025","format":false,"excerpt":"Microsoft has confirmed a major zero-day vulnerability is being actively exploited in on-premises SharePoint Server, with no patch currently available for most affected versions. Dubbed CVE-2025-53770\u2014nicknamed \u201cToolShell\u201d by researchers\u2014the Microsoft SharePoint flaw enables unauthenticated attackers to take full control of targeted SharePoint servers. As of July 20, 2025, the attacks\u2026","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Critical Microsoft SharePoint Zero-Day Attack Exposes On-Premises Servers: Emergency Guidance Issued","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/24e12846-443b-4210-a446-e47d0e59ecba-scaled.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/24e12846-443b-4210-a446-e47d0e59ecba-scaled.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/24e12846-443b-4210-a446-e47d0e59ecba-scaled.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/24e12846-443b-4210-a446-e47d0e59ecba-scaled.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/07\/24e12846-443b-4210-a446-e47d0e59ecba-scaled.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":341923,"url":"https:\/\/msftnewsnow.com\/microsofts-may-2025-patch-tuesday-five-zero-days\/","url_meta":{"origin":352714,"position":4},"title":"Microsoft\u2019s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched: What You Need to Know","author":"Dave W. Shanahan","date":"May 14, 2025","format":false,"excerpt":"Yesterday, Microsoft released its latest Patch Tuesday security updates, addressing a total of 72 vulnerabilities across its product portfolio-including Windows, Office, Azure, and more. This month\u2019s update is especially urgent, as it patches five zero-day vulnerabilities already being exploited in the wild and two additional flaws that were publicly disclosed\u2026","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Microsoft\u2019s May 2025 Patch Tuesday: Five New Zero-Days Exploited, 72 Flaws Patched: What You Need to Know","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/05\/download-10.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/05\/download-10.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/05\/download-10.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/05\/download-10.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":347001,"url":"https:\/\/msftnewsnow.com\/microsoft-patch-tuesday-june-2025-65-security-fix\/","url_meta":{"origin":352714,"position":5},"title":"Microsoft Patch Tuesday June 2025: 65+ Security Vulnerabilities Patched, Zero-Day Exploit Fixed","author":"Dave W. Shanahan","date":"June 11, 2025","format":false,"excerpt":"Microsoft\u2019s June 2025 Patch Tuesday has arrived, delivering urgent security fixes for a broad range of its products. The company addressed more than 65 vulnerabilities, including a zero-day exploit that was being actively used in cyber espionage campaigns. This month\u2019s updates are critical for both enterprise and individual users, reinforcing\u2026","rel":"","context":"In &quot;News&quot;","block_context":{"text":"News","link":"https:\/\/msftnewsnow.com\/news\/"},"img":{"alt_text":"Microsoft Patch Tuesday June 2025: 65+ Security Vulnerabilities Patched, Zero-Day Exploit Fixed","src":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/06\/xelmjbjubehnaogdqaxe-scaled.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/06\/xelmjbjubehnaogdqaxe-scaled.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/06\/xelmjbjubehnaogdqaxe-scaled.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/06\/xelmjbjubehnaogdqaxe-scaled.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/msftnewsnow.com\/wp-content\/uploads\/2025\/06\/xelmjbjubehnaogdqaxe-scaled.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]}],"jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/posts\/352714","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/users\/208461344"}],"replies":[{"embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/comments?post=352714"}],"version-history":[{"count":0,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/posts\/352714\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/media\/352725"}],"wp:attachment":[{"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/media?parent=352714"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/categories?post=352714"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/msftnewsnow.com\/wp-json\/wp\/v2\/tags?post=352714"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}