Microsoft Addresses Critical SharePoint Security Vulnerability

Microsoft has released an update to address a Remote Code Execution vulnerability in SharePoint. This security flaw, identified as CVE-2026-45659, affects multiple versions of SharePoint Server. The vulnerability can be exploited by attackers without the need for specific conditions, making it particularly dangerous. It has a CVSS score of 8.8 and has been classified as important. The ability to deserialize untrusted data poses a significant risk, as attackers could potentially take control of affected systems.

Microsoft has urged users to install the updates promptly to protect their systems. The vulnerability affects both on-premises and cloud-based installations of SharePoint. In its security bulletin, Microsoft noted that the flaw exists in various versions of SharePoint Server, including the latest releases. The exact number of affected systems is currently unknown, but widespread prevalence in enterprise environments is suspected. To address the security vulnerability, Microsoft has provided several updates that are available immediately.

The updates are available for all supported versions of SharePoint Server. Administrators are strongly advised to install the updates to minimize the risk of an attack. The discovery of this vulnerability occurs in a context where cyberattacks on businesses are increasing. Security researchers have noted a rise in attacks on web applications in recent months, with vulnerabilities like the one in SharePoint being frequently exploited. Microsoft has emphasized that the security of its products is a top priority and that it is continuously working to improve security measures.

The release of the update comes amid a series of security enhancements that Microsoft has implemented in recent years. These include regular security updates and the introduction of new security features in products such as Windows 11 and Office 2024. These measures are intended to help businesses better prepare against the growing threats from cyberspace. The CVE-2026-45659 vulnerability has been classified by Microsoft as critical, meaning it could have severe implications for the confidentiality, integrity, and availability of data. Therefore, companies using SharePoint should take immediate action to secure their systems. Microsoft plans to roll out the update to all users by the end of June 2026. Users are encouraged to regularly check their systems and ensure that the latest security updates are installed to protect against potential attacks.