Ravie Lakshmanan reports:
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also disclosed details of another vulnerability that it said has been addressed with “more robust protections.”
The tech giant acknowledged it’s “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update.”
CVE-2025-53770 (CVSS score: 9.8), as the exploited Vulnerability is tracked, concerns a case of remote code execution that arises due to the deserialization of untrusted data in on-premise versions of Microsoft SharePoint Server.
Read more at The Hacker News.