Core Insights - A significant security vulnerability in Microsoft's SharePoint server software has led to global cyberattacks targeting U.S. government agencies, universities, energy companies, and an Asian telecom company [1][2] - The attacks are classified as "zero-day attacks," exploiting previously unknown vulnerabilities, allowing attackers to impersonate trusted entities and potentially manipulate financial markets [1] - Microsoft has released a security patch for one version of the software but acknowledges that two other versions remain vulnerable and are still under development for patches [2] Group 1: Attack Details - Thousands of SharePoint servers are at risk, with evidence of attempts to exploit the vulnerability before the patch was released [2] - At least two U.S. federal agencies have reported server breaches, with one state government official noting that attackers compromised a public government document repository [3] - The Cybersecurity and Infrastructure Security Agency (CISA) received reports of the vulnerability and immediately contacted Microsoft for coordination [3] Group 2: Expert Opinions - Cybersecurity experts have labeled the vulnerability as severe, indicating that all users hosting SharePoint servers are at risk [2] - Concerns have been raised that even after applying patches, hackers may retain access due to previously obtained keys [2] - The White House's Cyber Safety Review Board has previously criticized Microsoft's security culture following past incidents, indicating ongoing concerns about the company's cybersecurity practices [3]

帕洛阿尔托网络公司警告称"这些漏洞利用真实存在且构成严重威胁"。 谷歌威胁情报小组通过邮件声明表示，已观测到黑客利用该漏洞的行为，指出其可导致"持续的未授权 访问，对受影响组织造成重大风险"。 智通财经APP获悉，微软(MSFT.US)服务器软件正遭受不明黑客攻击，网络安全分析师警告全球范围内 可能出现大规模安全漏洞。 微软表示，已发布针对SharePoint服务器的新安全补丁"以缓解针对本地服务器的活跃攻击"，并称正在 部署更多修复程序。 美国网络安全和基础设施安全局确认该漏洞存在，指出黑客可利用其访问文件系统、内部配置并通过网 络执行代码。 密歇根州网络安全公司Censys研究员西拉斯·卡特勒估计，全球超过10,000家使用SharePoint服务器的企 业面临风险，其中美国受影响企业数量最多，荷兰、英国和加拿大紧随其后。 "这简直是勒索软件运营者的美梦，很多攻击者这个周末要加班了，"他补充道。 美国媒体援引州政府官员和独立研究人员的消息称，美国联邦和州级机构、大学、能源公司及一家亚洲 电信运营商已遭入侵。 这已是微软近期遭遇的系列网络攻击之一。该公司曾在3月警告，亚洲黑客正瞄准远程管理工具和云应 用程序 ...