Scary Cyberattack Warning From Microsoft Affects Government and Corporations

On Saturday, July 19, 2025, Microsoft issued an alert regarding cyberattacks via 2 vulnerabilities in SharePoint servers. These are the kind of on-premises servers used by corporations and government agencies. Updates are available, but the damage may already be done.

The Cyberattack

On Sunday, Reuters reported on the alert issued by Microsoft. They referred to the situation as “active attacks.” A cybersecurity expert has stated, “If you have SharePoint on-prem exposed to the internet, you should assume that you have been compromised at this point. Patching alone is insufficient to fully evict the threat.” If that sounds serious, that’s because it is. However, if you’re an individual user of cloud-based SharePoint through Microsoft 365, you aren’t directly affected by this.

The vulnerabilities are specific to the on-premises servers that run SharePoint, which is a “content and document management system.” Large companies and government agencies use this for document sharing, intranet websites, and similar content. The vulnerabilities opened the possibility of external bad actors to “execute code over a network” or “perform spoofing over a network.” Once in the affected systems via the cyberattack, one could access sensitive information, create backdoors, and more.

What Can Be Done?

Microsoft has already issued updates. They’ve advised customers to complete the updates and, if they’re using SharePoint 2016 or 2019, to upgrade and then apply the update. Still, it’s difficult to know how much damage has already been done. SharePoint is integrated into many Microsoft products used by possibly affected customers. That includes things like Office, Teams, Outlook, and OneDrive. So, once the cyberattack gets the infiltrator inside, they could have access to quite a lot of information.

One thing is clear about this situation: internal cybersecurity teams at corporations and governments are going to be scrambling to search for signs of anything unexpected going on in their systems. They certainly have their work cut out for them.