The company said SharePoint Online in Microsoft 365, stored in the cloud, was not hit by the exploit. The attack is dubbed by experts as "zero day," because, officials said, it was a shock to ...

NEW YORK (AP) — Microsoft has issued an emergency fix to close off a vulnerability in Microsoft’s widely-used SharePoint software that hackers have exploited to carry out widespread attacks on ...

Microsoft said the vulnerability affects only on-site SharePoint servers used within businesses or organizations, and does not affect Microsoft’s cloud-based SharePoint Online service.

"Microsoft has released security updates that fully protect customers using SharePoint Subscription Edition and SharePoint 2019 against the risks posed by CVE-2025-53770, and CVE-2025-53771," the ...