Tech Translated

IT Security & Technology Blog

Practical IT insights for Australian businesses. Our team covers cybersecurity advisories, compliance updates, and plain-English explainers on the technology your business relies on, published regularly as the landscape shifts.

IT support technicians reviewing systems in a server room

On-prem SharePoint Server is under active attack — patch now

If your business still runs SharePoint on your own servers — not the cloud version bundled with Microsoft 365 — there’s a flaw worth closing this week. CISA has added CVE-2026-45659, a remote code execution bug in SharePoint Server, to its Known Exploited Vulnerabilities catalogue after confirming it’s being exploited in the wild, as reported by The Hacker News. Microsoft shipped the patch back in May — but a patch only helps if you’ve actually applied it.

The bug (CVSS 8.8) affects SharePoint Server Subscription Edition, SharePoint Server 2019 and Enterprise Server 2016. SharePoint Online isn’t affected, because Microsoft patches that itself. Any authenticated user with basic “site member” access can exploit it to run code on the server, so an attacker doesn’t need an admin account to do real damage. Here’s the part worth sitting up for: Microsoft’s own advisory rated this one “Exploitation Less Likely.” That reassuring label is exactly why a lot of teams would have let it drift down the patch queue — and now it’s on CISA’s actively-exploited list. Vendor severity ratings are a starting point, not the final word.

If you run on-prem SharePoint — still common in Australian firms that keep documents in-house for data-sovereignty or client-confidentiality reasons — confirm the May 2026 security update is installed today, and check your server logs for unfamiliar admin accounts or odd activity. If you’re not certain every instance is covered, get your IT provider to verify patch status across all of them, not just the obvious one.

Not sure what’s exposed? Our team can review your patch status and on-prem footprint as part of managed cybersecurity.

Related Guide

Cybersecurity for Sydney SMBs

Explore our complete guide to protecting your business from cyber threats.

Read the Full Guide →