THE US Cybersecurity and Infrastructure Security Agency (CISA) has urged immediate strengthening of Microsoft SharePoint servers following the discovery of zero-day vulnerabilities, notably CVE-2026-56164, which allows remote privilege escalation without authentication. This vulnerability, alongside others such as CVE-2026-55040 and CVE-2026-58644, poses significant risks if not patched promptly.
CISA advised federal agencies to apply security patches within three days, and suggested organizations monitor their SharePoint servers for unusual activity. Recommendations include ensuring comprehensive security coverage for SharePoint web applications and rotating IIS machine keys to enhance security.