Hackers abusing gap in Microsoft servers, Dutch cybersecurity center warns

A major security vulnerability in Microsoft’s server software is being actively exploited by hackers, the Dutch National Cyber Security Center (NCSC) warned Monday. Microsoft has issued updates to mitigate the risk, but no full solution is yet available.

The flaw affects Microsoft SharePoint, widely used by governments and businesses to share documents internally. Cybersecurity experts say the vulnerability could have global consequences, including for thousands of companies in the Netherlands.

Cybersecurity firm Censys reports that more than 10,000 organizations are at risk due to exposed SharePoint servers. The Netherlands ranks second only to the United States in the number of vulnerable companies using the software.

“The vulnerability is serious, and it is being actively exploited,” the NCSC said in its advisory. The center urges all SharePoint users to immediately implement Microsoft’s mitigation measures. “Microsoft has taken steps to reduce the risk, and we advise users to adopt those measures,” the NCSC said. The agency emphasized that a permanent fix has not yet been developed.

Microsoft said it has released a new security update for customers. “We have provided an additional security update for SharePoint servers to counter active attacks on local servers,” the company said.

The scope of the exploitation appears to extend beyond the Netherlands. According to The Washington Post, the breach has impacted U.S. federal agencies, universities, energy companies, and a telecom firm in Asia. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed that the exploited vulnerability gave hackers access to internal file systems.