Microsoft alerts users of global hack targeting SharePoint

SharePoint logo on a cell phone
SharePoint hack Hackers have used a vulnerability in Microsoft's SharePoint in a zero-day exploit. (sdx15 - stock.adobe.com)
By Cox Media Group National Content Desk

Microsoft warned users that hackers used a security flaw in its server software to attack government agencies and businesses around the world.

Read more trending news

The federal government, along with those in Canada and Australia, has launched an investigation into the hack that targeted SharePoint servers, The Washington Post reported.

Experts said the hack probably started on July 18, The Associated Press reported.

Eye Security researchers first identified the issue and said that the attacks were not targeted but were instead made to affect as many people as possible, Bloomberg reported.

While Microsoft alerted users of the hack, it did not initially provide a patch to block nefarious actors from accessing servers, making it the responsibility of victims to respond, according to the newspaper.

The Cybersecurity & Infrastructure Security Agency has issued guidance on what to look for and how to fix the issue.

Only servers in an organization, not cloud-based ones, had been compromised.

The breach was a “zero-day exploit,” meaning that security engineers had “zero days” to develop a fix when the issue was discovered, the AP reported.

Microsoft has since released patches for its SharePoint Server 2019 and SharePoint Server Subscription edition and is working on a fix for its 2016 version of the software, the AP said.

The FBI was made aware of the security breach and is “working closely with our federal government and private sector partners.”

Not only does the hack, called “ToolShell” have access to SharePoint, that system is usually connected to Outlook, Teams and other services and can be used to take sensitive information and collect passwords.

Some experts said the hackers may also be able to continue to access data once the patches are installed.

It is not known who launched the hack. Some victims include servers in China, a state legislature in the eastern U.S., several European government agencies, universities and an energy company in what the Post said was a “large state.”

Bloomberg reported that “tens of thousands — if not hundreds of thousands — of businesses and institutions worldwide use SharePoint in some fashion."

Latest trending news:

© 2025 Cox Media Group

0
Comments on this article
0
On Air99.5 KISS FM - KISS Rocks San Antonio Logo
    View All
    844-470-5477

    More from KISS

    KISS Photos

    mobile apps

    Everything you love about kissrocks.com and more! Tap on any of the buttons below to download our app.

    Base64 encoded image Base64 encoded image

    amazon alexa

    Enable our Skill today to listen live at home on your Alexa Devices!