Techly NewsGet the app

Get the latest tech news

Microsoft fixes two SharePoint zero-days under attack, but it's not over - how to patch


The patches fix the security holes in more recent versions of SharePoint, but the 2016 version is still at risk.

"On the evening of July 18, 2025, Eye Security was the first in identifying large-scale exploitation of a newSharePoint remote code execution (RCE)vulnerability chain in the wild," the firm said. Bypassing security protections, hackers can execute code remotely, thereby gaining access to SharePoint content, system files, and configurations. Since SharePoint connects to other Microsoft services such as Outlook, Teams, and OneDrive, hackers can move laterally across a network to steal associated passwords and data.

Get the Android app

Or read this on ZDNet

Read more on:

Photo of Microsoft

Microsoft

Photo of Days

Days

Photo of attack

attack

Related news:

News photo

Global hack on Microsoft Sharepoint hits U.S., state agencies, researchers say

News photo

Microsoft patches under-attack SharePoint 2019 and SE

News photo

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

« I found a tablet that could replace my iPad and Kindle - and it's worth every penny
The €43B EU CHIPS Act gets green light. – TechHQ »