Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Microsoft Security IT

Microsoft SharePoint Servers Are Under Attack (zdnet.com) 37

Hacker groups are attacking Microsoft SharePoint servers to exploit a recently patched vulnerability and gain access to corporate and government networks, according to recent security advisories sent out by Canadian and Saudi Arabian cyber-security agencies. From a report: The security flaw exploited in these attacks is tracked as CVE-2019-0604, which Microsoft patched through security updates released in February, March, and April this year. "An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account," Microsoft said at the time.
This discussion has been archived. No new comments can be posted.

Microsoft SharePoint Servers Are Under Attack

Comments Filter:
  • by Anonymous Coward

    Excuse my cluelessness regarding "SharePoint", bit shouldn't a corporate server be on a secured intranet with only local and VPN access from secured corporate devices?

    • Yes, and so should Jenkins servers and Postgresql servers, but they all regularly get put on the open internet.
    • Comment removed based on user account deletion
      • A better question is why anybody is running a server of ANY sort and not bothering to apply security patches?

        1. Because Linux shits itself when you try to patch it.

        2. Because now even Windows 10 shits itself when you try to patch it, though slightly less often than Linux. Are you not aware of the "An Open Letter to Microsoft About Poor Windows 10 Update Experiences" document?

        That's not an exhaustive list of course. Mission critical stuff breaking on patch generally means patches are applied far more reluctantly.

  • by fahrbot-bot ( 874524 ) on Friday May 10, 2019 @02:07PM (#58570518)

    Are SharePoint servers actually under attack or are people just trying to use them? :-)

    • by Anonymous Coward

      I think it's just Karen in HR trying to sync the annual reviews.

      Fuck Karen.

  • by Waffle Iron ( 339739 ) on Friday May 10, 2019 @02:07PM (#58570528)

    Luckily, even after gaining access to the systems, no hacker has yet been able to make heads or tails of the Sharepoint user interface.

    Because of this, no sensitive information has been actually extracted from the hacked servers, and the risk remains theoretical.

    • Luckily, even after gaining access to the systems, no hacker has yet been able to make heads or tails of the Sharepoint user interface.

      Because of this, no sensitive information has been actually extracted from the hacked servers, and the risk remains theoretical.

      Yes, because most legitimate, authorized users of sharepoint can't usually get any information out.

  • what kind of moron has a sharepoint server available to the Internet without tons of extra security like an encrypted tunnel and TFA...

  • LOL, someone just asked me if I would do some Sharepoint scripting for them.

    I asked them, "Why? What did I ever do to you??"

    • by nadass ( 3963991 )

      LOL, someone just asked me if I would do some Sharepoint scripting for them.

      I asked them, "Why? What did I ever do to you??"

      Recent versions allow running your own ReactJS apps and using their APIs to your heart's content. They even have some SDK libs to help get the ball rolling... so a LOT has changed with SharePoint since the wee-early days of "SharePoint Scripting"

  • by Anonymous Coward

    And expository.

    Since Microsoft is closed source there would be no way for government to ever ensure their conferences were secure.

    This means Microsoft is "trusted" which means Microsoft's antitrust suit back in the days ended up with them playing ball.

    Windows 19 we know is all kinds of spyware and basically spyware is feature #1. We also know they backported and updated 7,8,8.1 all to spyware feature #1 too. Again, closed source you can only limit so much.

    Then you have "canada and saudi arabia" security fir

  • Comment removed based on user account deletion

"Conversion, fastidious Goddess, loves blood better than brick, and feasts most subtly on the human will." -- Virginia Woolf, "Mrs. Dalloway"

Working...