Microsoft patches critical SharePoint 2016 zero-days amid active exploits

Microsoft has good news for administrators running SharePoint Server 2016. The cloud and software megacorp has published updates to close a gaping hole in the document management service.

What's particularly concerning is that the vulnerability allows hackers to impersonate users or services even after the SharePoint server is patched. Attackers maintain access even after organizations think they're secure

The patch was issued on July 21 and follows updates already available for SharePoint Server 2019 and SharePoint Server Subscription Edition. However, while it should address two zero-day vulnerabilities, CVE-2025-53770 and CVE-2025-53771, which allowed miscreants to access servers connected to the internet, it is possible that attackers may have already accessed data or systems.

The alarm was raised last week regarding the vulnerabilities after attackers found ways to bypass Microsoft's patches for other flaws in the July Patch Tuesday updates for the servers.

In its customer guidance for the ...