Hi everyone,

We want to make you aware of a critical security vulnerability (CVE-2025-53770) that is currently being actively exploited in the wild. This vulnerability affects on-premises versions of Microsoft SharePoint Server and allows attackers to remotely execute code without needing to log in — a serious threat vector.

🔍 What's Affected:

• SharePoint Server Subscription Edition

• SharePoint Server 2019

• SharePoint Server 2016

➡️ ✅ SharePoint Online (Microsoft 365) is not affected
If you're using SharePoint as part of Microsoft 365, Microsoft handles security patches directly, and no action is needed from your side unless you’re running a hybrid deployment.

🚨 Why It Matters

This vulnerability is already being used by attackers to breach networks. Exploitation could lead to:

• Unauthorized data access

• Ransomware or malware deployment

• Lateral movement through internal systems

🛡 What You Should Do

If you use SharePoint Server on-prem:

1. Apply Microsoft’s July 2025 security patch immediately.

2. Audit your SharePoint access permissions.

3. Look for signs of compromise (IOCs).

4. Reach out to us for a patch or security assessment.

📘 Learn More

We've posted a detailed blog with full context, mitigation steps, and what you need to know:
🔗 Read the full breakdown here

If you’re unsure whether this affects your environment or need help patching, open a ticket or reach out directly. Our team is here to support you.

Stay safe,
Boston Managed IT Security Team
📞 (617) 322-5155
📧 support@bostonmit.com