Microsoft issued an emergency fix to close off a vulnerability in its SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

Microsoft has issued an emergency fix to close off a vulnerability in Microsoft’s SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities.

Researchers say Chinese actors, along with other criminal hackers, exploited a security flaw in SharePoint software widely used by governments and businesses.

A global attack on Microsoft server software used by thousands of government agencies and businesses to share documents within organisations is likely the work of a single actor, a cybersecurity researcher said on Monday.

Microsoft released an emergency security patch on Sunday to “mitigate active attacks targeting on-premises servers.”

Microsoft has alerted organizations about active attacks exploiting a vulnerability in SharePoint servers, impacting over 10,000 on-premise installations, including those at businesses and government agencies.