SharePoint is one of those less-visible portions of Microsoft Office. It’s a tool for managing shared files across users and systems — if you don’t use it for work, you may never have heard of it, but if you do, it’s probably a lynchpin of your daily team functions. And there’s bad news if you fall into the latter category: two massive zero-day vulnerabilities in the software are being actively exploited.
Microsoft has released a patch that fixes up two critical vulnerabilities in the current, Microsoft 365 version of SharePoint, as well as the older standalone SharePoint 2019 release. The company is recommending an immediate update for these out-of-band patches, according to Bleeping Computer. Unfortunately the non-subscription SharePoint 2016 release has not been patched yet, though that’s in the works.
These are Remote Code Execution (RCE) vulnerabilities discovered following the latest Pwn2Own security conference, which were themselves patched earlier, but led to even newer weaknesses coming out. That’s the bad stuff — RCE can be exploited to deliver malware payloads that can completely compromise Windows. SharePoint users and administrators can apply the updates via Central Admin or PowerShell, using these instructions.
Further reading: These 3 crucial Windows security mistakes can wreck your PC
Â
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.