Guidance for Microsoft SharePoint vulnerability CVE-2025-53770



 Microsoft MSRC:

RevisionChangeDate
1.0Information published07/19/25
2.0Clarified affected SharePoint product in summary07/20/25
Added fix availability guidance
Provided additional protections guidance regarding:
  • Upgrade SharePoint products to supported versions (if required)
  • Install July 2025 Security Updates
  • Rotate machine keys
Updated Microsoft Defender detections and protections section:
Documented additional MDE alerts
Mapping exposure via Microsoft Defender Vulnerability Management
Documented CVE-2025-53771
3.0Published SharePoint 2019 security update, included links to CVEs and published security updates

Summary​

Microsoft is aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update.

These vulnerabilities apply to on-premises SharePoint Servers only. SharePoint Online in Microsoft 365 is not impacted.

Microsoft has released security updates that fully protect customers using SharePoint Subscription Edition and SharePoint 2019 against the risks posed by CVE-2025-53770, and CVE-2025-53771. Customers should apply these updates immediately to ensure they’re protected.

ProductSecurity Update link
Microsoft SharePoint Server Subscription EditionDownload Security Update for Microsoft SharePoint Server Subscription Edition (KB5002768) from Official Microsoft Download Center
Microsoft SharePoint Server 2019Download Security Update for Microsoft SharePoint Server Subscription Edition (KB5002754) from Official Microsoft Download Center
Microsoft SharePoint Server 2016Not available yet

We are working on security updates for supported versions of SharePoint 2019 and SharePoint 2016. Please check this blog for updates.

To mitigate potential attacks customers should:
  1. Use supported versions of on-premises SharePoint Server
  2. Apply the latest security updates, including the July 2025 Security Update
  3. Ensure the Antimalware Scan Interface (AMSI) is turned on and configured correctly, with an appropriate antivirus solution such as Defender Antivirus
  4. Deploy Microsoft Defender for Endpoint protection, or equivalent threat solutions
  5. Rotate SharePoint Server ASP.NET machine keys
Detailed guidance for each step as well as detection, protection, and hunting, is provided below.



 Read more:

Microsoft Security Response Center Blog

Microsoft Security Response Center Blog
msrc.microsoft.com
 
Click to expand...

My Computers

System One System Two

  • OS
    Windows 11 Pro for Workstations
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom self build
    CPU
    Intel i7-8700K 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz (F4-3600C18D-32GTZR)
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING (11GB GDDR5X)
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    2 x Samsung Odyssey G75 27"
    Screen Resolution
    2560x1440
    Hard Drives
    1TB Samsung 990 PRO M.2,
    4TB Samsung 990 PRO M.2,
    TerraMaster F8 SSD Plus NAS
    PSU
    Seasonic Prime Titanium 850W
    Case
    Thermaltake Core P3 wall mounted
    Cooling
    Corsair Hydro H115i
    Keyboard
    Amazon Basics Wired Full Keyboard MD005
    Mouse
    Logitech MX Master 4
    Internet Speed
    2 Gbps Download and 100 Mbps Upload
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    CyberPower CP1500PFCLCD
    Galaxy S23 Plus phone
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Surface Laptop 7 Copilot+ PC
    CPU
    Snapdragon X Elite (12 core) 3.42 GHz
    Memory
    16 GB LPDDR5x-7467 MHz
    Monitor(s) Displays
    15" HDR
    Screen Resolution
    2496 x 1664
    Hard Drives
    1 TB SSD
    Internet Speed
    Wi-Fi 7 and Bluetooth 5.4
    Browser
    Chrome and Edge
    Antivirus
    Microsoft Defender
You must log in or register to reply here.

Similar threads

  • Article Article
Guidance on Microsoft Signed Drivers Being Used Maliciously
Replies
0
Views
1K
Brink
Brink
  • Article Article
Microsoft FAQ and guidance for XZ Utils backdoor vulnerability in Linux distributions
Replies
0
Views
1K
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom