Microsoft SharePoint Vulnerability Sparks Urgent Cybersecurity Warning from Federal Agency

Updated on Jul 21, 2025
By J. Shanmugam
News Reporter
Reviewed by Shekhar Vaidya

Highlights

  • A dangerous flaw in on-premises Microsoft SharePoint Server is being actively exploited worldwide
  • Over 50 organizations have already been affected by this specific vulnerability
  • Australia’s top cyber agency urges immediate patching and system hardening
Microsoft SharePoint vulnerability (1)
TechLatest is supported by readers. We may earn a commission for purchases using our links. Learn more.

If your company is using Microsoft SharePoint Server on its own servers, and not the cloud version, you probably need to look into this.

There’s a new vulnerability, it’s being tracked as CVE-2025-53770, and honestly, it’s not something to take lightly.

Don’t want to miss the best from TechLatest?
Set us as a preferred source in Google Search and make sure you never miss our latest.

I know not everyone checks Microsoft blogs or tech tutorials every day. But this one’s serious because it’s being actively used by attackers right now. So I figured it’s better I explain it in plain English.

There’s a Big Microsoft SharePoint Vulnerability You Shouldn’t Ignore

What’s Going On

Basically, this flaw lets someone run harmful code on your SharePoint Server. And they don’t even need to log in or have access. It works remotely, over the network. Which is pretty dangerous if you think about it.

According to reports, more than 50 organizations have already been affected. That’s not small. And the Australian Cyber Security Centre (ACSC) even called it critical, which they don’t do unless it’s something real bad.

Microsoft SharePoint vulnerability
Image Credits: Microsoft

Again, this doesn’t affect SharePoint Online. That’s the version you use on Microsoft’s cloud. So if you’re using that, you’re good. But if you’ve got SharePoint running on your company’s own physical server, then yeah, you’re in the danger zone.

What You Should Do

Microsoft gave a few steps, and honestly, it’s best to just follow them:

  • Make sure you’re using a supported version of SharePoint Server. If not, update it.
  • When the July 2025 Security Update drops, install it right away.
  • Enable AMSI (that’s Antimalware Scan Interface). Check if it’s on and working with your antivirus, like Microsoft Defender.
  • Add a solid endpoint protection tool, something like Defender for Endpoint, or whatever you trust.
  • Also, don’t forget to rotate your ASP.NET machine keys once in a while. It’s just a good practice.

It might seem like a lot, but most of this stuff is regular security hygiene. The difference now is, with this vulnerability being live and exploited, delays can cost you.

Look, if you’re running on-premises SharePoint, you can’t ignore this. It’s not some theoretical bug. It’s real, it’s active, and attackers are out there looking for outdated servers.

You don’t have to panic, but you do need to act fast. Stay updated. Keep your systems patched. And if you’re unsure whether you’re affected, it’s worth getting someone from IT to double-check.

Enjoyed this article?

If TechLatest has helped you, consider supporting us with a one-time tip on Ko-fi. Every contribution keeps our work free and independent.

Support on Ko-fi
Leave a Comment
Related Topics
About the Author
J. Shanmugam
(622 Articles Published) News Reporter
Jeeva Shanmugam is a highly skilled content writer with expertise in writing articles, blogs, and other forms of content on various technology-related topics. He has extensive knowledge of software development, networking, cybersecurity, and other related fields.
Subscribe
Notify of
guest
0 Comments
Newest
Oldest