By Annie Palmer
Microsoft has warned of “active attacks” targeting its SharePoint collaboration software, with security researchers noting that organizations worldwide stand to be affected by the breach.
The Cybersecurity and Infrastructure Security Agency said Sunday in a release that the vulnerability provides unauthenticated access to systems and full access to SharePoint content, enabling bad actors to execute code over the network.
CISA said that while the scope and impact of the attack continue to be assessed, the agency warned that it “poses a risk to organizations.”
Microsoft late Sunday issued fixes for customers to apply to two versions of the SharePoint software. Another 2016 version remains vulnerable and the company said it is working to develop a patch.
Researchers at Palo Alto Networks said the hack likely reached thousands of organizations globally.
“The exploits are real, in-the-wild and pose a serious threat,” they added.
Disclaimer
The information contained in South Florida Reporter is for general information purposes only.
The South Florida Reporter assumes no responsibility for errors or omissions in the contents of the Service.
In no event shall the South Florida Reporter be liable for any special, direct, indirect, consequential, or incidental damages or any damages whatsoever, whether in an action of contract, negligence or other tort, arising out of or in connection with the use of the Service or the contents of the Service. The Company reserves the right to make additions, deletions, or modifications to the contents of the Service at any time without prior notice.
The Company does not warrant that the Service is free of viruses or other harmful components
