SharePoint Server Zero-Day Chaos: Massive Exploit Wave Hits Hard

A zero-day flaw in Microsoft SharePoint Server, CVE-2025-53770, is causing chaos as hackers exploit it in a widespread campaign. While Microsoft scrambles to patch it, SharePoint Online users can breathe easy, but on-premises users should deploy Defender AV or face potential apocalypse-level consequences. Remember, it’s just another day in the world of cybersecurity!

3P
Published: July 20, 2025 10:01 amAdded: July 20, 2025 at 3:21 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Microsoft SharePoint: The gift that keeps on giving… hackers more ways to ruin your day! With a new zero-day vulnerability marking its territory, SharePoint Server is once again the belle of the cyber ball, attracting all the wrong kinds of attention. Just when you thought you were safe with your SharePoint Online, the on-premises version is throwing a party for attackers, and they’re RSVPing in droves.

Key Points:

  • New zero-day vulnerability CVE-2025-53770 has a CVSS score of 9.8, yikes!
  • It’s a variant of a previously patched flaw, CVE-2025-49706.
  • Active exploitation targeting on-premises SharePoint Servers, while SharePoint Online remains safe (for now).
  • Microsoft advises enabling AMSI integration or disconnecting from the internet.
  • Exploit chain, dubbed ToolShell, uses ASPX payloads for remote code execution.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?