Core Viewpoint - Microsoft has issued an urgent announcement regarding active attacks on its SharePoint server software, which is widely used for internal document sharing by government agencies and enterprises, urging clients to apply security updates immediately [1][2]. Group 1: Security Vulnerability and Attacks - A serious security vulnerability in Microsoft's SharePoint server software has been reported, leading to ongoing attacks by hackers, affecting various sectors including U.S. federal and state government agencies, universities, energy companies, and an Asian telecom company [1]. - The attacks are classified as "zero day attacks," exploiting previously unknown vulnerabilities, allowing attackers to impersonate trusted entities and potentially manipulate financial markets or institutions [2]. - Over 10,000 companies with SharePoint servers are estimated to be at risk, with the highest number of affected users in the U.S., followed by the Netherlands, the UK, and Canada [2]. Group 2: Response and Coordination - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has acknowledged the vulnerability, stating that hackers can access file systems and internal configurations, as well as execute code on networks [4]. - The FBI is aware of the attacks and is collaborating closely with federal and private sector partners, although no further details have been provided [4]. - Microsoft is coordinating with CISA, the Department of Defense Cyber Defense Command, and major global cybersecurity partners to address the situation [4]. Group 3: Security Culture Concerns - The Cyber Safety Review Board (CSRB) has previously noted deficiencies in Microsoft's security culture, particularly after a 2023 incident involving the hacking of Microsoft Exchange Online, which resulted in data breaches affecting 22 organizations and hundreds of individuals [4].

Group 1 - Microsoft is facing a significant cybersecurity threat as its server software is under attack by unknown hackers, potentially leading to widespread security vulnerabilities globally [1] - The company has released a new security patch for SharePoint servers to mitigate active attacks on on-premises servers and is deploying additional fixes [1] - The U.S. Cybersecurity and Infrastructure Security Agency has confirmed the existence of the vulnerability, which allows hackers to access file systems, internal configurations, and execute code over the network [1] Group 2 - Over 10,000 companies globally using SharePoint servers are estimated to be at risk, with the highest number of affected enterprises located in the U.S., followed by the Netherlands, the UK, and Canada [1] - Cybersecurity experts warn that these vulnerabilities pose a serious threat, with indications that hackers are already exploiting them [1] - This incident is part of a series of recent cyberattacks on Microsoft, with previous warnings about Asian hackers targeting remote management tools and cloud applications [2]