Critical Microsoft SharePoint flaw now exploited in attacks
Aggregator summary: Microsoft SharePoint has a critical vulnerability, CVE-2026-20963, affecting multiple server versions; end-of-support versions must be upgraded. Successful exploitation lets an unauthenticated attacker execute code remotely. CISA has warned about the flaw and ordered federal agencies to patch by March 21, urging all users to patch promptly.
2026-3-19 10:15:19 Author: www.bleepingcomputer.com


A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned.

Tracked as CVE-2026-20963, this security flaw affects SharePoint Enterprise Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition.

SharePoint Server 2007, SharePoint Server 2010, and SharePoint Server 2013 are also vulnerable to attacks but are end-of-support and no longer receive security updates. Admins are advised to upgrade end-of-support SharePoint Server versions to a supported version to block attacks.

Successful exploitation enables threat actors without privileges to achieve remote code execution on unpatched servers in low-complexity attacks that exploit a deserialization of untrusted data weakness.
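The practical question for an admin reading the two paragraphs above is which train a given server is on: 2007/2010/2013 get no fix and must be migrated, while 2016, 2019 and Subscription Edition (all 16.x builds) need the January 2026 update. The script below is an added example, not code from the BleepingComputer article, Microsoft or CISA. It assumes the usual on-premises registry layout under `Shared Tools\Web Server Extensions\<major>.0` and the standard SharePoint farm cmdlets, and it deliberately does not hard-code fixed build numbers: compare the reported farm build against the build Microsoft lists for the January 2026 security update of your product.

```powershell
# Added example (not from the article or vendor guidance): inventory a SharePoint
# server so an admin can decide whether it needs the January 2026 update for
# CVE-2026-20963 or a migration off an end-of-support train.
# Assumptions: registry layout Shared Tools\Web Server Extensions\<major>.0 and the
# farm cmdlet names of on-premises SharePoint; run elevated on the SharePoint server.

# Registry major version -> product line and support status.
# 2007/2010/2013 are end-of-support; 2016, 2019 and Subscription Edition are all 16.x.
$trains = @{
    '12.0' = @{ Name = 'SharePoint Server 2007'; Supported = $false }
    '14.0' = @{ Name = 'SharePoint Server 2010'; Supported = $false }
    '15.0' = @{ Name = 'SharePoint Server 2013'; Supported = $false }
    '16.0' = @{ Name = 'SharePoint 2016 / 2019 / Subscription Edition'; Supported = $true }
}

$base  = 'HKLM:\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions'
$found = @()
foreach ($major in $trains.Keys) {
    $key = Join-Path $base $major
    if (Test-Path $key) {
        $found += [pscustomobject]@{
            Major     = $major
            Product   = $trains[$major].Name
            Supported = $trains[$major].Supported
        }
    }
}

if (-not $found) {
    Write-Output 'No SharePoint Server registration found; nothing to patch on this host.'
    return
}

foreach ($f in $found) {
    if ($f.Supported) {
        Write-Output "$($f.Product) detected (major $($f.Major)): confirm the January 2026 security update is installed."
    } else {
        Write-Warning "$($f.Product) detected (major $($f.Major)): end-of-support, no fix for CVE-2026-20963; plan an upgrade to a supported version."
    }
}

# For supported farms, report the farm build so it can be compared with the fixed
# build Microsoft publishes for the January 2026 update, and list installed
# products with their patch state.
if ($found | Where-Object Supported) {
    if (-not (Get-PSSnapin -Name Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue)) {
        Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction Stop
    }
    $farm = Get-SPFarm
    Write-Output "Farm build: $($farm.BuildVersion)"
    Get-SPProduct -Local | Format-List
}
```

Run it on each server in the farm rather than once per farm: the registry check reflects the local installation, and a partially patched farm is exactly the case `Get-SPProduct -Local` is meant to surface.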

"In a network-based attack, an unauthenticated attacker could write arbitrary code to inject and execute code remotely on the SharePoint Server," Microsoft said when it patched the vulnerability as part of its January 2026 Patch Tuesday.

While Microsoft updated its CVE-2026-20963 advisory this Tuesday, the company has yet to flag it as exploited in the wild.

However, CISA added the security flaw to its catalog of actively exploited vulnerabilities and ordered Federal Civilian Executive Branch (FCEB) agencies to secure their servers by Saturday, March 21.

FCEB agencies are non-military U.S. executive branch agencies, such as the Department of Homeland Security, the Department of Energy, the Department of Justice, and the Department of State.

CISA didn't provide further information on these ongoing CVE-2026-20963 attacks and has yet to find any evidence that it's being exploited in ransomware attacks.

Even though BOD 22-01 targets only federal agencies, CISA "strongly" urged all network defenders to patch their devices against exploitation of CVE-2026-20963 as soon as possible.

"This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise," CISA warned.

"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable."

On Wednesday, CISA also ordered federal agencies to patch a stored cross-site scripting (XSS) weakness in the Zimbra Collaboration Suite (ZCS) that is now exploited in the wild.



Source: https://www.bleepingcomputer.com/news/microsoft/critical-microsoft-sharepoint-flaw-now-exploited-in-attacks/