Microsoft Releases Emergency Patches for SharePoint Zero-Day RCE Vulnerabilities Exploited in Global Attacks

Microsoft has released emergency security updates to address two zero-day remote code execution (RCE) vulnerabilities in SharePoint Server, identified as CVE-2025-53770 and CVE-2025-53771. These vulnerabilities have been actively exploited in global attacks dubbed "ToolShell," compromising services worldwide. SharePoint is a widely used web-based collaborative platform integrated with Microsoft Office, making these vulnerabilities particularly critical due to the potential for unauthorized code execution and data access. The exploitation of these vulnerabilities underscores the persistent threat posed by zero-day vulnerabilities in enterprise software and highlights the importance of timely patching and robust vulnerability management. Cybersecurity professionals should prioritize applying these patches immediately and monitor networks for signs of compromise. Additionally, implementing network segmentation and restricting access to SharePoint servers can help mitigate risks. The global nature of these attacks indicates that threat actors are actively scanning for and exploiting such vulnerabilities, emphasizing the need for continuous vigilance and proactive security measures.