CVE-2025-53770

Меры по смягчению последствий

The following mitigating factors might be helpful in your situation:

Customers who have enabled the AMSI integration feature and use Microsoft Defender across their SharePoint Server farm(s) are protected from this vulnerability. For more information, see Configure AMSI integration with SharePoint Server.

FAQ

7/20/2025 Update: Updates are now available for Microsoft SharePoint Server Subscription Edition and Microsoft SharePoint Server 2019.

Why are there no links to the update to protect from this vulnerability?

Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. This page will be updated when an update is available.

Is there anything else that I can do to protect from exploitation?

If enabling AMSI is not an option, you should remove access to the internet from the SharePoint server. These two options protect from unauthenticated attacks.

Does this affect Microsoft 365 SharePoint Online?

No, Microsoft 365 SharePoint Online is not vulnerable to this issue.

Is there more information about this?

Yes, please see Customer guidance for SharePoint vulnerability CVE-2025-53770 for more information.

Are the two new CVEs that were released related to the two SharePoint vulnerabilities that were documented by CVE-2025-49704 and CVE-2025-49706?

Yes, the update for CVE-2025-53770 includes more robust protections than the update for CVE-2025-49704. The update for CVE-2025-53771 includes more robust protections than the update for CVE-2025-49706.

There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.