Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks

More than 1,300 internet-exposed Microsoft SharePoint servers remain vulnerable to a spoofing vulnerability that has been exploited in ongoing attacks, despite being previously identified as a zero-day threat¹. The vulnerability, which affects Microsoft SharePoint servers, allows attackers to manipulate the system, emphasizing the need for immediate patching. The fact that over 1,300 servers are still unpatched suggests a significant window of exposure, particularly given the history of zero-day exploitation. Microsoft's products are frequently targeted by attackers, and the window for patching vulnerabilities can be brief. As a result, the ongoing attacks targeting these SharePoint servers pose a significant risk to organizations that have not applied the necessary patches. The vulnerability's continued exploitation underscores the importance of prompt patch management, especially for organizations using Microsoft SharePoint, so practitioners should assess their exposure and apply patches immediately to prevent potential security breaches.