Microsoft hit with SharePoint attack — one version still vulnerable

Microsoft warned “active attacks” to target Sharepoint Security researchers say that worldwide organizations will be affected by the violation.

Cyber Security and Infrastructure Security Agency in question On Sunday, a vulnerability of the security vulnerability to systems in a version in which bad actors execute code over the network by providing full access to unidentified access and Sharepoint content.

While Cisa continued to evaluate the scope and impact of the attack, the agency warned that the agency “poses a risk for organizations”.

Microsoft has made corrections to apply for two versions of the Sharepoint software on Sunday, late on Sunday. Another 2016 version remains vulnerable and the company in question He works to develop a patch.

Researchers PALO ALTO NETWORKS He said that Hack has reached thousands of organizations globally.

“Abuse pose a real, wild and serious threat.”

CNBC has reached Microsoft for additional comments and information.

Inside A warning On Saturday, Microsoft said the attack only applies to the Sharepoint servers, not in the cloud like Microsoft 365. Sharepoint software is widely used by global businesses and organizations to store and cooperate in documents.

The vulnerability is particularly interested because it allows the pirates to imitate users or services even after the SharePoint server is patched. in accordance with European Cyber Security Company said that he first defined the defect to researchers in eye safety.

Sharepoint servers are usually connected to other microsoft services such as Outlook and teams, which means that such a violation can lead to data theft and password harvest.

Separately, Alaska Airlines Due to the interruption of CT, he briefly stopped ground operations on Sunday for about three hours. In a carrier statement, approximately 2 AM ESTT lifted the floor stop.

It was unclear whether the deduction was related to the SharePoint attack.