Thought Leadership
IT security experts are sounding the alarm because authorities and companies are being attacked via a newly discovered vulnerability in Microsoft software.
According to the report, local servers for the SharePoint program for sharing files are affected. Attackers have already used the vulnerability to penetrate the systems of “dozens” of organizations, both in business and in the government sector, a manager at IT security firm Palo Alto Networks told the Washington Post.
Access to the servers potentially opens up the possibility of stealing data and tapping into passwords, warned the Dutch company Eye Security. Worse still, according to its experts, attackers can also steal digital keys, which they could later use to gain access to computer systems with a closed security gap.
“A significant weak point”
Anyone running a SharePoint server has a problem, said a manager at security firm Crowdstrike. “It’s a significant vulnerability.” In view of the attacks on “thousands” of servers, Eye Security recommends isolating or shutting them down.
Microsoft confirmed the problem in a blog post and published updates to fix the security vulnerability. It initially remained unclear who was behind the attacks. In the USA, servers belonging to two federal authorities were successfully attacked, wrote the Washington Post, citing experts. No details were given as to which authorities were involved.
US authority also warns
Microsoft had recently closed several vulnerabilities with an update. The attackers then found a similar vulnerability elsewhere. The American IT security authority CISA called on affected government agencies and companies to act quickly. The first indications of the attacks emerged on Friday.
Most recently, in 2023, suspected Chinese hackers gained access to emails in some US authorities via a vulnerability in Microsoft software.
dpa
