Microsoft releases urgent fix for SharePoint zero-day vulnerability

Microsoft has issued an emergency fix in its SharePoint software after hackers began exploiting a vulnerability to carry out widespread cyberattacks.

On Saturday, the company issued an alert saying organizations using the software should apply security updates immediately. SharePoint Online in Microsoft 365 was not hit by the attacks.

The Washington Postfirst broke the news, saying that the hacks were being used to launch an attack on targeted U.S. and international organizations. These attacks, conducted on both businesses and some federal agencies, saw hackers stealing sensitive data and passwords.

“We’ve been coordinating closely with CISA, DOD Cyber Defense Command and key cybersecurity partners globally throughout our response,” said a company spokesperson in a statement.

Known as a “zero-day” attack, the threat is the result of a previously undetected vulnerability. Tens of thousands of servers were put at risk, according to CNN.