1.0 Introduction
Recently Microsoft has released an urgent advisory addressing a critical remote code execution (RCE) vulnerability, CVE-2025-53770, actively exploited in the wild.
2.0 Impact
The vulnerability exists in on-premises SharePoint Server due to unsafe deserialization of untrusted data, enabling unauthenticated remote attackers to execute arbitrary code and gain full administrative control of the system.
3.0 Affected Products
- CVE-2025-53770 (Critical) : Microsoft SharePoint Server (On-premises)
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review the Microsoft’s recommended mitigation steps & security advisory to apply the necessary updates.
Kindly refer to the following URLs for more information:
- https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53770
Generally, we advise the users to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact the Cyber999 Incident Response Team through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web: https://www.cybersecurity.my
5.0 References