Archived Content

In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
Alert

NCSC Releases Alert on Microsoft SharePoint Vulnerability

Last Revised

The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an Alert to address a vulnerability—CVE-2020-16952—affecting Microsoft SharePoint server. An attacker could exploit this vulnerability to take control of an affected system. Applying patches from Microsoft’s October 2020 Security Advisory for CVE-2020-16952 can prevent exploitation of this vulnerability.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to review the NCSC Alert and the Microsoft Security Advisory for CVE-2020-16952 for more information.

This product is provided subject to this Notification and this Privacy & Use policy.