Microsoft now has to worry about its SharePoint Servers as they currently are under attack. The China Chopper Web shells, a malicious script is a culprit here. Attackers were able to install the malicious scripts on SharePoint Servers which according to various cybersecurity authorities, will let them exploit a recently patched CVE-2019-0604 vulnerability and gain access to corporate and government networks(via ZDNet).
“An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account,” Microsoft said.
Microsoft doesn’t have a solution as of yet and that means the security flaw is still causing damage to the SharePoint Servers.
To make sure that you are safe, you need to make sure that your systems are up to date.
ZDNet also has a clever solution for those who failed to apply patches.
If patches can’t be applied, organizations are advised to put vulnerable SharePoint servers behind a firewall, accessible on internal networks only. Servers might remain vulnerable, but at least they won’t be a gateway for hackers into companies’ networks.