Microsoft SharePoint zero-day hack hits ‘tens of thousands' of servers globally
'We are actively working on updates for SharePoint 2016 and 2019,' Microsoft added, indicating those versions remain unpatched for now. The company has also provided detection guidance and mitigation steps for defenders, available through its official blog.The breach does not affect SharePoint Online users within Microsoft 365's cloud environment. Instead, it targets internal servers hosted within organisations — commonly used by government bodies and large enterprises for document sharing and collaboration.According to The Washington Post, which first reported the incident, the hackers managed to exploit the flaw in recent days, gaining access to US federal and state agencies, European governments, energy firms, a university in Brazil, and an Asian telecommunications company. In some cases, attackers even 'hijacked' public document repositories, blocking officials from accessing them.Reportedly, the vulnerability allows for a type of spoofing attack, where an intruder can disguise themselves as a trusted source. With access to SharePoint servers, which is often connected to services like Outlook and Teams, hackers can steal sensitive data, harvest passwords, and potentially maintain long-term access using cryptographic keys.
What's especially concerning, according to reports, is that the attackers have obtained access keys that could allow them to return even after the systems are patched. 'So pushing out a patch on Monday or Tuesday doesn't help anybody who's been compromised in the past 72 hours,' one security researcher told The Washington Post.No technical details of the exploit chain have been disclosed publicly yet, but Microsoft's confirmation of active attacks suggests that the vulnerability may be part of a targeted campaign. The company's advisory underscores the urgency of applying the fix, especially for enterprise systems that rely on SharePoint for collaboration and content management. Microsoft is expected to release patches for SharePoint 2016 and 2019 soon, but until then, system administrators are advised to monitor for unusual activity and follow the detection steps outlined in Microsoft's guidance.- Ends
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Mint
7 minutes ago
- Mint
5 Windows settings I tweak on every new laptop to get more done faster
As someone who reviews multiple laptops, setting up a fresh machine each time gets a little repetitive. But over time, I have built a routine during setup that helps me get started faster. It also makes the device more efficient right from the start. Today, I am sharing these tricks with you so you can also make your Windows laptop experience much better. Setting up a new Windows laptop feels great, but not when you have to do it every few weeks. I discovered a simple trick to bypass the Microsoft account login screen. On the setup screen, press Shift + F10 to open Command Prompt. Then type oobe\bypassnro and press Enter. The laptop will reboot and return to the setup screen. When you reach the network setup stage this time, click 'I don't have internet' to create a local account. This saves time and avoids automatic sign-ins to all Microsoft apps. Trackpad gestures significantly boost productivity, especially when working with many browser tabs. I set the three-finger tap to act as the middle mouse button, which is ideal for opening links in new tabs and quickly closing them. I also customise the four-finger swipe up/down gestures to control volume. To do this, go to Settings > Bluetooth & devices > Touchpad > Advanced gestures. There, you can modify the three-finger and four-finger gestures to suit your workflow. You can also assign a four-finger tap to play/pause music and use four-finger left/right swipes to skip tracks. Most laptops come preloaded with bloatware that consumes storage and system resources, eventually slowing performance. You can uninstall these apps using a powerful uninstall tool called Revo Uninstaller. I recommend using this tool very carefully, as it can also uninstall system apps that may be important for Windows to function properly. Many laptops I review feature QHD+ or 4K resolutions, and default scaling often wastes valuable screen space. Adjusting the scaling greatly improves productivity by allowing more content to fit in apps and enhancing split-screen efficiency. To adjust, right-click on the desktop and select Display settings. Scroll down to Scale and layout, then adjust the scaling percentage. I typically reduce it to 125% or even 100%, depending on the display size and resolution. Most people don't realise this, but Delivery Optimisation quietly runs in the background and can slow things down. It's supposed to speed up updates by sharing them with other PCs over the internet, but in reality, it ends up using bandwidth and system resources. I always disable it right after setup. To do this, go to Settings > Windows Update > Advanced options > Delivery Optimisation, and turn it off.
Hans India
37 minutes ago
- Hans India
Microsoft Tests AI Copilot Mode in Edge Browser to Simplify Web Browsing
Microsoft is rolling out an experimental new feature in its Edge browser called Copilot Mode, an AI-powered assistant designed to help users manage everyday browsing tasks more efficiently. Aimed at cutting down time spent on repetitive web actions, this feature is now being tested and is currently free to use, though Microsoft has hinted it might eventually be part of a paid plan. With Copilot Mode, users gain access to a smart assistant that can compare prices across multiple tabs, help with restaurant bookings, or summarize information spread across various web pages. Appearing on the new tab screen, the feature uses a familiar chat-style interface, letting users interact via text or voice. This means you can now simply speak to your browser to open tabs, search within sites, or find products for comparison without manual navigation. Microsoft emphasizes that this tool is completely optional and built with user privacy in mind. 'Copilot will soon be able to guide you in your tasks and organise your browsing — past and present — into helpful, topic-based journeys,' said Sean Lyndersay, Vice President of Product for Microsoft Edge. He added, 'With Copilot Mode, you can also choose to turn the experience on and off as you wish through your Edge settings. If you choose not to turn on Copilot Mode, you can continue to browse on Edge as usual.' One of the standout elements of Copilot Mode is its ability to integrate deeper with a user's browsing data — but only with permission. Microsoft says that, with user consent, Copilot may access browsing history and saved login information in the future to make tasks like form filling and online bookings more seamless. To maintain transparency, Microsoft is implementing visible cues to indicate when Copilot is active in the background, ensuring users are always aware of the AI's presence and actions. While still in early stages, Copilot Mode is expected to evolve, with more features being introduced based on user feedback and usage patterns. This launch aligns with a broader industry trend of integrating AI into web browsers. Google, for instance, is testing AI-assisted search features in Chrome, while emerging platforms like Comet from Perplexity AI are also experimenting with similar technology. Microsoft's Copilot Mode is part of its wider strategy to enhance productivity and user experience across its product suite. Although usage is currently free, Microsoft has placed limits on how extensively the tool can be used, suggesting that a subscription model may be introduced down the line. For now, users who want to try out a smarter, more interactive way to browse can activate Copilot Mode from Edge's settings — and those who prefer the traditional experience can simply opt out.
Time of India
an hour ago
- Time of India
Microsoft launches AI-based Copilot Mode in Edge browser
Microsoft on Monday launched a new "Copilot Mode" on its Edge browser that uses artificial intelligence to improve the browsing experience, as the tech giant rushes to compete with rivals launching AI-based browsers and web search features. Copilot Mode can help carry out tasks, organize browsing into topic-based queries and compare results across all open tabs without requiring users to switch between them, Microsoft said. The update comes at a time when tech companies have rolled out several AI-powered online search tools. Nvidia-backed startup Perplexity AI launched its Comet browser earlier this month, while Reuters reported on OpenAI's upcoming AI browser. Rival Alphabet earlier this year launched " AI Mode ", an AI-only search feature on Google, and last week reported improvements in user engagement on such features. Microsoft said, under the new feature, users will see a page with a single input box combining chat, search and web navigation features. Copilot will also support voice navigation for browsing in Edge, the company added. The users will also soon be able to give Copilot permission to access additional browser context, such as user history and credentials, to take more concrete actions like making bookings or managing errands. Copilot will only be able to access browsing content when users enable it, and will provide visual cues to let users know when it is active in the background, Microsoft said. The feature will be available for free across Copilot markets in Windows and Mac PCs for a limited time and users can choose to opt out of it through Edge settings.
