Greater Noida (Business Desk):In a recent cybersecurity alert, Igor Kuznetsov, Director of the Global Research & Analysis Team (GReAT) at Kaspersky, revealed that a critical Microsoft SharePoint vulnerability though promptly patched was already being actively exploited by threat actors prior to the fix.
According to Kuznetsov, successful exploitation of the flaw could allow attackers unauthorized access to sensitive internal data, disruption of authentication processes, remote code execution, and even long-term persistence within the victim’s IT infrastructure. Alarmingly, even after patching, the vulnerability may remain exploitable if organizations fail to take additional security measures, such as rotating cryptographic keys.
Kaspersky reported that its solutions proactively detected and blocked malicious activity related to this vulnerability. Telemetry data from the cybersecurity firm confirms that exploitation attempts have been observed worldwide, including regions such as Africa, Asia, the Middle East, and Russia.
The company strongly urges all organizations running Microsoft SharePoint Server to:
-
Apply the latest security updates without delay
-
Perform compromise assessments to detect any breach
-
Rotate authentication and cryptographic keys as a vital mitigation strategy
Kaspersky emphasized the need for immediate action, citing the potential for widespread impact if security protocols are not strictly followed.
