"The elevated number of patches, combined with the presence of zero-days and multiple critical issues, makes this a release that should be prioritised for immediate attention."
"External threats can target internet-facing SharePoint instances directly. On-premises SharePoint servers exposed to the internet carry the highest risk."
"A successful XSS exploit gives attackers a path deeper into your environment."
"Malicious JavaScript could be made to execute in the browser of a user visiting a compromised SharePoint page, which could enable the attacker to steal."
The April Patch Tuesday update from Microsoft includes over 160 distinct issues, featuring two significant zero-day vulnerabilities. This update is described as potentially one of the largest in history, attributed to an increase in submissions identified by AI tools. Experts emphasize the urgency of addressing these vulnerabilities, particularly the first zero-day affecting SharePoint Server, which has been exploited in the wild. The risk is heightened for internet-facing SharePoint instances, as successful exploits can lead to deeper access within networks.
Read at ComputerWeekly.com
Unable to calculate read time
Collection
[
|
...
]