WASHINGTON, D.C.: Microsoft has warned of active cyberattacks targeting a widely used server software that allows businesses and government agencies to share documents internally. The company urged customers to apply critical security updates immediately to avoid exploitation.

The software under attack is Microsoft's on-premise SharePoint Server, which is commonly deployed by organizations that manage their infrastructure. Microsoft clarified that its cloud-based SharePoint Online service within Microsoft 365 is not affected.

In a security advisory issued on July 19, the company described the threat as a "zero-day" attack, referring to the exploitation of a previously unknown software flaw. According to experts cited by The Washington Post, which first reported the breach, the flaw has been used in recent days to launch cyberattacks against U.S. and international government agencies and businesses. Tens of thousands of servers may be vulnerable.

"We've been coordinating closely with CISA, DOD Cyber Defense Command, and key cybersecurity partners globally throughout our response," a Microsoft spokesperson said. "Security updates have been issued and customers should install them immediately."

The vulnerability allows an attacker with network access to perform "spoofing"—a type of deception in which a malicious actor impersonates a trusted entity. This technique can be used to manipulate systems, financial markets, or internal communications by masking the source of malicious activity.

The FBI confirmed over the weekend that it is aware of the ongoing attacks and is working with federal agencies and private-sector partners to investigate, though it provided no further details.

Microsoft said it is developing updates specifically for the 2016 and 2019 versions of SharePoint. Until those fixes are available, customers unable to implement Microsoft's recommended security configurations should consider disconnecting affected servers from the internet to limit exposure.

Spoofing attacks can be hazardous in environments like government networks or financial institutions, where trust in digital communications is paramount. Microsoft has provided detailed mitigation instructions for system administrators to secure their environments while patches are rolled out.

This incident is the latest in a string of cyber threats affecting critical infrastructure and enterprise tools. These often involve sophisticated attackers exploiting unpatched vulnerabilities before companies are aware they exist.