Microsoft has warned of “active attacks” against server software used by businesses and government agencies to share internal documents. Users were instructed by the IT giant to install the recommended security fixes right away.
FBI, Microsoft Confirm Coordinated Attacks
Although it could not provide any additional details, the FBI acknowledged on 20 July that it was aware of the attacks and was working with partners in the federal and private sectors. In an alert sent out on 19 July, Microsoft made it clear that the vulnerabilities only affect internal SharePoint servers that are hosted on-site by businesses.
The business affirmed that the attacks had no effect on SharePoint Online, the cloud-based version that is part of Microsoft 365. The Washington Post, which broke the story first, claims that unidentified hackers recently exploited a software vulnerability to launch an attack against US and international organisations and businesses.
Zero-Day Vulnerability Puts Thousands of Servers at Risk
According to experts the newspaper cited, the incident was a “zero-day” attack, meaning it took advantage of a weakness that had not been discovered before. Tens of thousands of servers could be at risk from the attack.
The company described the vulnerability in the alert as one that “allows an authorised attacker to perform spoofing over a network.” Microsoft also provided advice on how to stop the vulnerability from being exploited further.
Spoofing Risks: What It Means for Governments and Enterprises
A nefarious actor can use a spoofing attack to hide their identity and pose as a reliable person, group, or website in order to trick government organisations or financial markets. Microsoft recommended users install the security fix for the SharePoint Subscription Edition as soon as possible after announcing its release on July 20.
Additionally, the business mentioned that it is now working on security patches for SharePoint versions 2016 and 2019. Microsoft encouraged users who are unable to activate the suggested malware protection to take their servers offline in order to reduce their exposure to threats until those fixes are available.
Layoffs at Microsoft: 9,000 Employees Affected in Latest Round
According to various media reports, Microsoft is laying off 4% of its employees worldwide. The tech giant said on July 2, that it was letting go of almost 9,000 workers from several departments.
Professionals of all experience levels are apparently preparing for the impact of these layoffs, which are occurring across countries. This time, Microsoft disclosed the development on the second day of the month, even though it typically announces structural changes at the end of the new fiscal year.
Microsoft stated that it will keep implementing organisational changes that are required to best position the firm and teams for success in a dynamic environment, according to a media report that quoted a Microsoft spokesperson.
The software powerhouse has been making layoff announcements one after the other this year; in January, it said it intended to fire 1% of its employees depending on their performance.
Leave a Reply