In particular, when exploiting two of these vulnerabilities together, hackers can gain deep control over the system and maintain long-term access. This is an "ideal environment" for APT (Advanced Persistent Threat) espionage campaigns, stealing or encrypting sensitive data.
These vulnerabilities are being exploited widely in many countries. At least 85 SharePoint servers have been infected with web shell malware, affecting 29 organizations globally. Among the victims are many multinational corporations and government agencies, including the US National Nuclear Security Administration (NNSA).
In Vietnam, SharePoint Server is used in document management at many agencies, organizations and large technology and financial enterprises. Up to now, although no cases of attack have been recorded, the risk of being exploited by these vulnerabilities is assessed at a very high level, especially at units that are deploying SharePoint Server according to the on-premise installation model without timely updating and patching.
The attack can originate from a point in the internal network, using sophisticated techniques that are difficult to detect. Hackers can secretly install malware on an internal workstation, from there silently scanning, expanding control and gradually taking over the entire system.
Bkav especially recommends that system administrators urgently review and tighten internal access rights to prevent the risk of being attacked from within. For ministerial-level agencies that delegate access rights to local units, it is necessary to immediately review and limit these rights if the system has not been patched or has not been thoroughly remedied. Patching of vulnerabilities should be updated as soon as possible.
At the same time, it is necessary to strengthen monitoring measures, limit external access, deploy web application firewalls (WAF), monitor system access logs and set up early warning mechanisms when there are signs of abnormalities. For units that do not have a specialized information security team, it is necessary to proactively contact incident response centers for timely advice and support...
SharePoint Server is a document management and enterprise collaboration platform developed by Microsoft. The system allows storing, sharing, searching and managing documents centrally, and supports the construction of internal websites (Intranet), business portals, and deep integration with Microsoft Office and Microsoft 365 to improve team productivity.
Source: https://www.sggp.org.vn/tap-doan-cong-nghe-bkav-canh-bao-nguy-co-tan-cong-mang-tu-loat-lo-hong-tren-phan-mem-sharepoint-server-cua-microsoft-post805404.html
![[Photo] President Luong Cuong receives President of the Cuban National Assembly Esteban Lazo Hernandez](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/30/4d38932911c24f6ea1936252bd5427fa)
![[Photo] Solemn opening of the 12th Military Party Congress for the 2025-2030 term](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/30/2cd383b3130d41a1a4b5ace0d5eb989d)
![[Photo] Panorama of the cable-stayed bridge, the final bottleneck of the Ben Luc-Long Thanh expressway](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/30/391fdf21025541d6b2f092e49a17243f)
![[Photo] General Secretary To Lam, Secretary of the Central Military Commission attends the 12th Party Congress of the Army](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/30/9b63aaa37ddb472ead84e3870a8ae825)
![[Photo] The 1st Congress of Phu Tho Provincial Party Committee, term 2025-2030](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/30/1507da06216649bba8a1ce6251816820)
Comment (0)