احذر.. هجوم «يوم الصفر» الإلكتروني!

Microsoft has issued a warning regarding "active attacks" on server software used by government devices and companies for document sharing within institutions, and the company recommended security updates that customers must apply immediately, according to "Sky News".

The Federal Bureau of Investigation stated that it is aware of the attacks and is working closely with its partners in both the federal and private sectors, but it did not provide any further details.

Microsoft indicated that the security vulnerabilities only affect "SharePoint" servers used within institutions.

Microsoft clarified that the "SharePoint Online" program in "Microsoft 365," which is cloud-based, has not been targeted by the attacks.

The "Washington Post," which was the first to report the cyber intrusion, stated that unidentified entities exploited a vulnerability in recent days to launch an attack targeting American and international devices and companies.

The newspaper quoted experts saying that the intrusion is known as a "zero-day" attack because it targeted a vulnerability that was previously unknown.

According to the newspaper, tens of thousands of servers were at risk.

According to what Microsoft mentioned in the alert, the vulnerability "allows authorized attackers to conduct impersonation over the network" and issued recommendations to prevent attackers from exploiting it.

In an impersonation attack, the perpetrator can manipulate financial markets or devices by concealing their identity and appearing as a trusted person, organization, or website.

Microsoft noted that it has released a security update, adding that customers must apply it immediately.

The company confirmed that it is working on updates for the 2016 and 2019 versions of the "SharePoint" program, adding that if customers are unable to apply the recommended protection against malware, they should disconnect their servers from the internet until a security update is available.