Microsoft has warned of two dangerous security gaps (CVE-2025-53770 and CVE-2025-53771) in on-premise instances of SharePoint. One of the vulnerabilities is already being actively exploited and allows attackers to remotely execute malicious code without authentication. SharePoint Server 2016, 2019, and the Subscription Edition are affected – SharePoint Online is not affected.
Microsoft has now released security updates for SharePoint Server 2019, Subscription Edition, and now also for 2016. Administrators should urgently install all available patches and implement further recommended protective measures.
According to security researchers, dozens of servers have already been compromised. Affected systems should be checked and compromised servers isolated immediately.
Further information and download links for the patches can be found here in the latest Microsoft security advisory.
If you have any questions or need support, our experts will be happy to assist you.
Marvin Hitzfeld
IT Infrastructure Sales
0541/1395-64
it-infrastruktur[at]tso[dot]de
