To secure the endpoints, Microsoft recommends applying the July 2025 security updates immediately, as well as enabling Antimalware Scan Interface (AMSI) for SharePoint and making sure Defender Antivirus is deployed.

Multiple hacking groups—including state actors from China—have targeted a vulnerability in older, on-premises versions of the file-sharing tool after a flawed attempt to patch it.

Microsoft has released a critical patch for a security flaw in its SharePoint software. Hackers actively exploited this vulnerability, targeting businesses and US government agencies. The company issued the fix between July 19 and 20.

The vulnerability also could allow hackers to access services connected to SharePoint, including OneDrive and Teams.