Microsoft vulnerabilities trigger a global security crisis! Over 10,000 enterprise servers are at risk

Zhitong
2025.07.21 04:03
portai
I'm PortAI, I can summarize articles.

Microsoft server software suffers from an unknown hacker attack, with over 10,000 enterprises worldwide facing security risks. Microsoft has released a new security patch for SharePoint servers to address active attacks. The U.S. Cybersecurity and Infrastructure Security Agency has confirmed the vulnerability, which hackers can exploit to access the file system and execute code. Researchers point out that the most affected enterprises are in the United States, followed by the Netherlands, the United Kingdom, and Canada. Google's Threat Intelligence Group warns that hackers have exploited this vulnerability, potentially leading to ongoing unauthorized access

According to Zhitong Finance APP, Microsoft's (MSFT.US) server software is under attack by unidentified hackers, and cybersecurity analysts warn of a potential large-scale security vulnerability globally.

Microsoft stated that it has released a new security patch for SharePoint servers "to mitigate active attacks on on-premises servers" and mentioned that it is deploying more fixes.

The U.S. Cybersecurity and Infrastructure Security Agency confirmed the existence of the vulnerability, noting that hackers could exploit it to access file systems, internal configurations, and execute code over the network.

Censys researcher Silas Cutler from a Michigan cybersecurity firm estimated that over 10,000 companies worldwide using SharePoint servers are at risk, with the highest number of affected companies in the U.S., followed by the Netherlands, the UK, and Canada.

"This is a dream come true for ransomware operators; many attackers will be working overtime this weekend," he added.

Palo Alto Networks warned that "these vulnerabilities are real and pose a serious threat."

Google's Threat Analysis Group stated in an email that it has observed hackers exploiting the vulnerability, pointing out that it could lead to "persistent unauthorized access, posing significant risks to affected organizations."

U.S. media cited state government officials and independent researchers stating that federal and state agencies, universities, energy companies, and an Asian telecommunications operator have been breached.

This is one of a series of cyberattacks Microsoft has faced recently. The company warned in March that Asian hackers were targeting remote management tools and cloud applications, intending to monitor several companies and organizations in the U.S. and abroad.

The White House's Cybersecurity Review Board pointed out last year that the security culture at Microsoft is "deficient" regarding the 2023 breach of Microsoft Exchange Online email. This incident led to the data breach of 22 organizations and hundreds of individuals, with victims including former U.S. Secretary of Commerce Gina Raimondo

Source: Zhitong The copyright of this article belongs to the original author/organization.
The views expressed herein are solely those of the author and do not reflect the stance of the platform. The content is intended for investment reference purposes only and shall not be considered as investment advice. Please contact us if you have any questions or suggestions regarding the content services provided by the platform.