New delhi: Tech Giant Microsoft has issued Urgent Security Patch after observing “Active Attacks” on server software used by government agencies and businesses to share documents to share documents with. According to Microsoft, The Vulnerabilites Apply only to Sharepoint Servers used within Organizations. Sharepoint Online in Microsoft 365, which is in the cloud, was not hit by the attacks, the organization infored.

“Microsoft is aware of active attackers targeting on -premies sharepoint server customers by exploiting vulnerabilityes partialyly admitted by the july seconde,” Said the tach giant Security Advisory.

The company recommended security updates that customers should apply immediatily. The Us Federal Bureau of Investigation (FBI) also said it is aware of the attacks and is working closely with its federal and private-sector partners. The vulnerability is to a case of remote code execution that aries due to the deserialization of untrusted data in on-premise versions of Microsoft Sharepoint server.

Microsoft said the current published content is correct and that previous inconsistency does not impact the company’s guidance for customers. “After applying the latest security updates Above or Enabling AMSI, it is critical that customers rotate sharepoint server asp.net mechanine keys and restart IIS on All Sharepoint Serveers,” Said. “If you cannot enabled amsi, you will need to rotate your keys after you Install the new security update,” its added.

The US Cybersecurity and Infrastructure Second Agency (CISA) has added ‘Cve-2025-53770’ Vulnerability to its exploated vulnerabilities (kev) Catalog, Requiring Federal VIDERING FEDERALG Executive Branch (FCEB) agencies to apply the fixes by July 21, 2025.

“Microsoft has Released Security Updates that Fully Protect Customers Using SharePoint Subscription Edition and Sharepoint 2019 Against the Risks Posed by Cve-2025-2025-53770, and CVE-2025-53771. Customers Should Apply these updates immediatily to ensure they’re protected, “said the company in its security update.