Microsoft has released an urgent fix for a serious security problem in its SharePoint software. Many businesses and government agencies use SharePoint to share documents within their organizations. Hackers discovered a way to break into systems using this software, which forced Microsoft to act quickly.
The security issue only affects companies running SharePoint on their own servers. If you use the cloud version called SharePoint Online, you don’t need to worry. Microsoft warns this is a critical problem because hackers can completely take over affected systems.
The company first tried to fix this issue in July, but hackers kept finding ways to attack. Now Microsoft has released a stronger solution and is telling all customers to update immediately. The FBI is aware of these attacks and is working with other agencies to stop them.
Here’s what organizations need to do right now:
Install Microsoft’s latest security update
Change the special security codes called “machine keys”
Restart their web servers
Even if companies can’t enable extra security features, they still must change those machine keys. The U.S. government considers this so serious that they’ve ordered all federal agencies to fix it by July 21, 2025.
Microsoft has completely fixed two specific problems:
CVE-2025-53770 (the main security hole)
CVE-2025-53771 (a related issue)
The company confirms that SharePoint 2019 and the Subscription Edition are now secure. However, other versions still need this critical update.
Microsoft’s warning is clear: “Don’t delay! Hackers are actively exploiting this weakness right now!” Any organization running their own SharePoint servers must take action immediately. Only the cloud-based version is safe without any changes needed.
This situation is especially important for companies handling sensitive documents. Hackers could steal private information or damage systems. The solution is available – businesses just need to install the update as soon as possible. Microsoft emphasizes that updating is the only reliable protection against these attacks.
If your workplace uses SharePoint on local servers, check for updates today. Cloud users don’t need to take any action. Make sure to inform your IT team about this urgent security matter immediately.