The Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC) has alerted the market to a vulnerability impacting Microsoft Office SharePoint Server products (CVE-2025-53770).
CVE-2025-53770 involves the deserialisation of untrusted data in on-premises Microsoft SharePoint Servers, allowing an unauthorised attacker to execute code over a network.
Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild and has observed active attacks targeting on-premises SharePoint Server customers.
These vulnerabilities apply to on-premises SharePoint Servers only; SharePoint Online in Microsoft 365 is not impacted.
The critical alert issued by the ACSC said that Microsoft is preparing and fully testing a comprehensive update to address this vulnerability.
Microsoft said that the organisation is working on security updates for supported versions of SharePoint 2019 and SharePoint 2016. .
To mitigate potential attacks, Microsoft said that customers should use supported versions of on-premises SharePoint Server; apply the latest security updates, including the July 2025 Security Update; ensure the Antimalware Scan Interface (AMSI) is turned on and configured correctly, with an appropriate antivirus solution such as Defender Antivirus; deploy Microsoft Defender for Endpoint protection, or equivalent threat solutions; and rotate SharePoint Server ASP.NET machine keys.
ACSC recommends monitoring Microsoft’s official advisories for any updates to mitigations and for details on any related patches.
The ACSC also said Australian organisations should review their networks for use of vulnerable instances of the Microsoft Office SharePoint Server products and consult Microsoft’s customer advisory for mitigation advice.
_page-0001.jpg&w=100&c=1&s=0)
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
![[Opinion] It's time to rethink the MSP machine](https://i.nextmedia.com.au/Utils/ImageResizerWebP.ashx?n=https%3a%2f%2fi.nextmedia.com.au%2fNews%2fAnna_Furlong_-_square_crop_v2.jpg&q=95&h=298&w=480&c=1&s=1)
