A Critical Flaw in SharePoint
Microsoft has released security updates to address a serious remote code execution vulnerability in its SharePoint collaboration platform. The flaw, which carries a high severity rating, allows an authenticated attacker with basic Site Member permissions to execute arbitrary code over a network on affected SharePoint servers. No special conditions or elevated privileges are required for exploitation.
The vulnerability stems from a deserialization of untrusted data issue within Microsoft Office SharePoint. A security researcher credited as MEOW discovered and reported the problem. Microsoft has issued patches covering multiple versions of the server software, including SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016.
Impact and Required Action
While Microsoft has assessed this vulnerability as less likely to be actively exploited compared to some past flaws, the company emphasizes the importance of applying the updates quickly. The collaborative platform has been a frequent target for attackers over the years, with several previous vulnerabilities being weaponized in real world incidents. Just last month, Microsoft addressed a separate SharePoint spoofing flaw that was confirmed as being exploited in the wild.
Organizations running any affected version of SharePoint Server should prioritize installing the latest security patches to block potential remote code execution attacks. The updates are available through standard Microsoft update channels. Given the low barrier to exploitation requiring only a valid account with minimal permissions, delaying the patch could leave systems exposed to unauthorized code execution by internal users or compromised accounts.
Source: The Hacker News
