July 2025 – Microsoft has issued an urgent security alert regarding active exploitation of four vulnerabilities affecting on-premises SharePoint servers:
- CVE-2025-49706 – Spoofing
- CVE-2025-49704 – Remote Code Execution
- CVE-2025-53770 – Newly disclosed
- CVE-2025-53771 – Newly disclosed
These vulnerabilities do not affect SharePoint Online in Microsoft 365 but pose a serious risk to organizations relying on local SharePoint infrastructure. Microsoft has released security patches for supported versions (Subscription Edition, 2019, and 2016), and urges customers to apply these updates immediately.
Key Recommendations from Microsoft
- Apply the latest July 2025 security updates without delay.
- Ensure you’re running a supported version of SharePoint Server.
- Enable and configure the Antimalware Scan Interface (AMSI) with an appropriate antivirus, such as Microsoft Defender Antivirus.
- Use Microsoft Defender for Endpoint or a similar threat protection solution.
- Rotate SharePoint Server ASP.NET machine keys.
- Regularly consult the Microsoft Security Response Center (MSRC) blog for updates and detection guidance.
How RELIANOID Protects Your Infrastructure
At RELIANOID, security is a top priority. Our advanced ADC (Application Delivery Controller) and security platform provides powerful layers of defense to help mitigate these types of attacks—even before vendor patches are applied:
- Reverse Proxy Protection: Isolates backend SharePoint servers from direct internet exposure, reducing attack surfaces.
- mTLS and Traffic Inspection: Inspects incoming traffic with deep protocol awareness, blocking malformed or malicious requests.
- Web Application Firewall (WAF): Detects and mitigates RCE, spoofing, and code injection attempts with customizable rulesets.
- Real-Time Threat Intelligence: Integrated threat feeds automatically block known attack vectors and IPs.
- Hot Configuration Restart: Apply changes and security rules without interrupting existing connections.
- Logging & SIEM Integration: Send logs and alerts to your SIEM for monitoring and correlation.
Now Available on Azure
You can now deploy RELIANOID infrastructure directly from the Azure Marketplace. Secure your on-premises or hybrid SharePoint deployments with advanced traffic control, TLS inspection, and zero-downtime updates—all in the cloud.
Get started with RELIANOID in Azure →
Stay Ahead of Threats with RELIANOID
In a threat landscape where zero-day vulnerabilities are actively exploited, proactive defense is no longer optional. RELIANOID offers intelligent protection for enterprise environments, helping you detect, mitigate, and respond to critical vulnerabilities quickly and effectively.
Need help securing your infrastructure? Contact our team today to learn how RELIANOID can support your cybersecurity strategy.
Related Blogs
