Microsoft has issued an emergency fix to close off a vulnerability in Microsoft’s widely-used SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some U.S. government agencies.  The company issued an alert to customers Saturday saying it was aware of the zero-day exploit being used to conduct attacks and that it was working to patch the issue. Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition.  These vulnerabilities apply to on-premises SharePoint Servers only.  SharePoint Online in Microsoft 365 is not impacted.

What You Should Do

  • Use supported versions of on-premises SharePoint Server
  • Apply the latest security updates, including the July 2025 Security Update
  • BMT Managed Services Clients, this has been taken care of for you!

Have questions or need assistance?  Reach out to a member of the BMT Security Team!