Over-1300-Microsoft-SharePoint-Servers-Vulnerable-to-Spoofing-Attacks

Vaibhav April 22, 2026
www.news4hackers.com-over-1300-microsoft-sharepoint-servers-vulnerable-to-spoofing-attacks-over-1300-microsoft-sharepoint-servers-vulnerable-to-spoofing-attacks
Post Views: 5

Microsoft SharePoint Servers Remain Vulnerable to Spoofing Attacks

More than 1,300 Microsoft SharePoint servers worldwide have not been updated to address a critical vulnerability that allows unauthorized users to conduct spoofing attacks.

Background Information

The flaw, identified as CVE-2026-32201, affects SharePoint Enterprise Server 2016, SharePoint Server 2019, and the latest version, SharePoint Server Subscription Edition.

“The vulnerability, rated as a zero-day, enables attackers to manipulate data without requiring user interaction. This can result in sensitive information disclosure, modification of existing data, and potential disruption of service availability.”

Microsoft

Impact and Recommendations

  • Approximately 1,100 servers remain vulnerable: Since Microsoft released the security updates for CVE-2026-32201, fewer than 200 servers have been patched, leaving approximately 1,100 systems exposed to the risk of exploitation.
  • Prioritize updating your SharePoint servers: The Internet security organization Shadowserver reported this information, highlighting the urgent need for organizations to prioritize updating their SharePoint servers to prevent potential attacks.
  • The CISA has included CVE-2026-32201 in its Known Exploited Vulnerabilities catalog and issued a directive requiring federal civilian executive branch agencies to patch their SharePoint servers within two weeks, by April 28, as mandated by the Binding Operational Directive (BOD) 22-01.
  • Apply available fixes and follow vendor guidelines: Organizations should apply available fixes according to vendor guidelines, adhere to relevant BOD 22-01 recommendations for cloud services, or discontinue using the affected product if mitigation options are unavailable.


Blog Image

About Author

Vaibhav

See author's posts

More Stories

FortiSandbox-Security-Patch-Released-by-Fortinet-Fixes-Critical-Vulnerability

FortiSandbox Security Patch Released by Fortinet, Fixes Critical Vulnerability

Vaibhav April 15, 2026
EU-Mandates-Coordinated-Vulnerability-Disclosure-A-Cultural-Shift-Ahead

EU Mandates Coordinated Vulnerability Disclosure: A Cultural Shift Ahead

Vaibhav April 15, 2026
Global-Vulnerability-Alert-Sophisticated-Adobe-Reader-Exploit-Identified

Global Vulnerability Alert: Sophisticated Adobe Reader Exploit Identified

Vaibhav April 11, 2026

Latest Cyber Security News

www.news4hackers.com-sbi-bank-frauds-alert-2-65-crore-scam-exposed-on-inactive-accounts-sbi-bank-frauds-alert-2-65-crore-scam-exposed-on-inactive-accounts

SBI Bank Frauds Alert: ₹2.65 Crore Scam Exposed on Inactive Accounts

Vaibhav April 22, 2026
www.news4hackers.com-cisa-urges-government-agencies-to-patch-vulnerable-cisco-sd-wan-devices-cisa-urges-government-agencies-to-patch-vulnerable-cisco-sd-wan-devices

CISA Urges Government Agencies to Patch Vulnerable Cisco SD-WAN Devices

Vaibhav April 22, 2026
www.news4hackers.com-pune-loses-over-rs-119-crores-to-investment-and-cyber-fraud-scams-pune-loses-over-rs-119-crores-to-investment-and-cyber-fraud-scams

Pune Loses Over Rs 119 Crores to Investment and Cyber Fraud Scams

Vaibhav April 22, 2026
www.news4hackers.com-check-point-uncovers-link-between-systembc-malware-and-gentlemen-ransomware-operation-check-point-uncovers-link-between-systembc-malware-and-gentlemen-ransomware-operation

Check Point Uncovers Link Between SystemBC Malware and Gentlemen Ransomware Operation

Vaibhav April 22, 2026
www.news4hackers.com-mumbai-bank-employee-loses-97-lakhs-in-phony-online-trading-scheme-mumbai-bank-employee-loses-97-lakhs-in-phony-online-trading-scheme

Mumbai Bank Employee Loses ₹97 Lakhs in Phony Online Trading Scheme

Vaibhav April 22, 2026
en_USEnglish
en_USEnglish