Techly NewsGet the app

Get the latest tech news

Microsoft Put Older Versions of SharePoint on Life Support. Hackers Are Taking Advantage


Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it.

The string of breaches adds to an already urgent and complex dynamic: Institutions that are longtime SharePoint users can face increased risk by continuing to use the service, just as Microsoft is winding down support for a platform in favor of newer cloud offerings. The United States Cybersecurity and Infrastructure Security Agency said in guidance about the vulnerability on Tuesday that, “CISA recommends disconnecting public-facing versions of SharePoint Server that have reached their end-of-life (EOL) or end-of-service (EOS). “For on-premises software like SharePoint, which is deeply integrated into the Microsoft identity stack, there are multiple points of exposure that need to be continuously monitored in order to know, expose, and close critical gaps,” says Bob Huber, chief security officer at the cybersecurity company Tenable.

Get the Android app

Or read this on Wired

Read more on:

Photo of Microsoft

Microsoft

Photo of Hackers

Hackers

Photo of advantage

advantage

Related news:

News photo

What to know about ToolShell, the SharePoint threat under mass exploitation

News photo

Nothing to see here: Brave browser blocks privacy-busting Microsoft Recall

News photo

Trump’s AI Plan Urges Lighter Touch by FTC in Win for Microsoft

« Lumo: Privacy-first AI assistant
The Big OOPs: Anatomy of a Thirty-Five Year Mistake »