Microsoft warns of SharePoint exploitation, says enable AMSI to stay secure!

A partial remediation of a vulnerability in Microsoft SharePoint, implemented just over ten days back, has now led to the weakness being exploited, Microsoft warned on July 19 2025. The partial remediation, as it turned out subsequently,had been published on July 8 during Microsoft's monthly Patch Tuesday report. It was numbered CVE-2025-49704 while the since-discovered unremediated and since-exploited vulnerability is CVE-2025-53770.

A similar tango was also discovered in another SharePoint vulnerability CVE-2025-49706 that had also been partially patched in July's Patch Tuesday, has now led to the completely-addressed vulnerability being published as CVE-2025-53771. But this one has not been exploited, according to Microsoft, terming exploitation of this vulnerability as less likely.

The vulnerabilities pertain to on-premise SharePoint deployments.

While a comprehensive upgrade is not yet available as of July 21 2025, Microsoft provided an update on July 20 2025 for Microsoft SharePoint Server Subscription Edition and Microsoft SharePoint Server 2019.

Comments

Post a Comment

Popular posts from this blog

Four new (from past years) vulnerabilities to be monitored after CISA flags them as exploited

 Four vulnerabilities were added by CISA, the American cybersecurity agency, to its catalog of vulnerabilities that are known to be exploited. The additions to the catalog made on July 7 2025 did not include any zero days (unknown to the product vendor) or recently discovered vulnerabilities. One was a vulnerability from 2014, another was from 2016 while two more were from 2019. CVE-2014-3931 is an arbitrary-memory-write vulnerability in MRLG (Multi Router Looking Glass) which was fixed in version 5.5.0 .  CVE-2016-10033 is a critical arbitrary code execution vulnerability in PHPMailer before version 5.2.18 . Latest version can be found here . CVE-2019-5418 is a file-content exposure vulnerability in Action View with possible remote code execution (exploit available) in versions 5.2.2.1, 5.1.6.2, 5.0.7.2 and 4.2.11.1 CVE-2019-9621 is a Server Side Reuest Forgery vulnerability in Zimbra Collaboration Suite that was fixed in version 8.8.1 Patch 7 or 8.8.11 Patch 3
Read more

Citrix NetScaler ADC and Gateway has been exploited: Patch now!

 The US Cybersecurity and Information Security Agency (CISA) has alerted on exploitation of a vulnerability in NetScaler ADC and NetScaler Gateway. The products were previously known as Citrix ADC and Citrix Gateway respectively. CVE-2025-5777 affects versions 14.1 BEFORE 14.1-43.56 of the two products as well as 13.1 BEFORE 13.1-58.32. The Out-of-Bounds Read vulnerability has a CVSS v4.0 Base Scre of 9.3.
Read more