03 July 2026
1. What is being reported?
Security experts have discovered a vulnerability in Microsoft SharePoint that lets attackers run harmful code on the system without needing physical access. This means hackers can potentially take over SharePoint servers from anywhere online.
2. What this means in plain English
If your organisation uses Microsoft SharePoint, this flaw could let attackers access sensitive information or disrupt your services. It is especially risky because the attack can happen remotely and is already being used by criminals.
3. Could this affect a small business?
Small businesses or charities using Microsoft SharePoint, either on their own servers or through certain hosting services, could be affected. If you do not use SharePoint, or it is managed by a trusted provider who applies updates promptly, you are less likely to be at risk.
4. What to do now
- Contact your IT provider or software supplier immediately to check if your SharePoint installation is vulnerable.
- Apply any security updates or patches provided by Microsoft as soon as possible.
- Review your SharePoint access controls to ensure only authorised users can make changes.
- Monitor your systems for unusual activity and report any concerns to your IT support.
5. Ask your IT provider
Can you confirm whether our Microsoft SharePoint systems are affected by the recent remote code execution vulnerability and what steps are being taken to protect us?
6. Bottom line
Act quickly to ensure your SharePoint systems are updated and secure to prevent attackers from exploiting this serious flaw.
Information based on CISA KEV and reputable security reporting.