00:00Critical Flaw in Microsoft's SharePoint Software
00:09Thousands of servers at risk
00:11Cybersecurity firm iSecurity has identified a critical security flaw
00:19in Microsoft's SharePoint software.
00:21Due to this vulnerability, on-premise servers worldwide are at risk of cyberattacks,
00:26leaving information security of various government and private organizations,
00:31universities, and business entities in jeopardy.
00:34Dear viewers, if you like this news, please like it and share your comments in the comment box.
00:40In a warning, Microsoft stated that attackers are exploiting a zero-day vulnerability in SharePoint
00:47to access SharePoint servers.
00:49These were previously undetected and there was no immediate way to prevent them.
00:54However, cloud-based SharePoint versions are not affected by this vulnerability.
00:58Work is underway to quickly resolve the flaw in SharePoint.
01:02According to iSecurity, in certain versions of SharePoint, hackers can steal a security key,
01:08which they can use to impersonate any user or service on the server.
01:12Even if the server is restarted or security updates are applied,
01:16the server does not become risk-free because the security key remains in the possession of the hackers.
01:22The U.S. Cybersecurity and Infrastructure Security Agency, CISA, has stated that the scope and impact of these attacks are still under review.
01:32The agency has warned that servers that have already been compromised or are at risk of the flaw should be disconnected from the Internet as soon as possible.
01:40A Washington Post report stated that this security flaw has been exploited to launch cyber attacks targeting various U.S. federal and state government agencies,
01:50universities, power and energy sector institutions, and an Asian telecommunications company.
01:56The U.S. Department of spy officers are the U.S. Department of security,
02:00which has developed the U.S. Department of security.
02:02A Washington Post report is part of and security requires more to persevere data from the U.S. Department of security.
02:06much less than the U.S. Department of security was occupied by marca.
02:08The U.S. Department of security was deployed to the U.S. Department of security as a security group.
