In a severe security alert, Microsoft has issued a warning. They have indicated that SharePoint servers used by government offices and private companies are under active cyberattack. This news is especially worrying for businesses in India that rely on SharePoint for internal document sharing and collaboration.
What Exactly Happened?
As per Microsoft’s official statement, hackers are actively targeting a critical vulnerability in SharePoint servers hosted on-premises. These servers are physically located within organizations.
This attack is known as a “zero-day” vulnerability. It is a dangerous flaw that the software maker didn’t earlier know about. Experts say tens of thousands of servers are at risk, and many of them are in India too.
Is SharePoint Online Safe?
Yes. Microsoft confirmed that SharePoint Online, which is part of Microsoft 365 cloud services, is not affected. Only those using on-premise SharePoint Server 2016 or 2019 need to take urgent action.
How Are Hackers Exploiting This?
The attack is a spoofing attack, where hackers pretend to be a trusted user or organization. This way, they can trick systems or people into revealing sensitive information or making wrong decisions.
Spoofing can lead to major security breaches. These include access to confidential data, financial fraud, or even manipulation of government records.
What Has Microsoft Recommended?
Microsoft has already issued security updates. Customers are strongly advised to:
- Immediately install the latest security patches
- If you’re unable to apply patches right now, disconnect the server from the internet temporarily
- Enable advanced malware protection tools on your network
Microsoft also said it is working closely with CISA (US Cybersecurity and Infrastructure Security Agency). It is also collaborating with DoD Cyber Defence Command and cybersecurity experts globally.
What Indian Organizations Should Do
Indian businesses, government departments, IT service providers, and SME who are using on-premise SharePoint servers should not ignore this warning.
✅ Check which version of SharePoint you are using
✅ Apply Microsoft’s latest patch right away
✅ Consult your IT team or cybersecurity vendor if unsure
✅ Avoid delaying — prevention is better than recovery
Why This Matters for India
India has a growing base of digital-first businesses and government services. Many public and private sector institutions still use locally hosted infrastructure to manage sensitive information. That means a large number of them will be exposed to such threats unless they act quickly.
