04:16 AM EDT, 07/21/2025 (MT Newswires) -- Microsoft ( MSFT ) issued an alert about "active attacks" on its server software and recommended clients to install new security updates "immediately" that have been rolled out, its Security Response Center said in a blog post Saturday.

The "vulnerabilities" apply to on-premises SharePoint Servers, while SharePoint Online in Microsoft ( MSFT ) 365 is not hit, the blog added.

Customers should use supported versions of on-premises SharePoint Server, install the latest security updates and Microsoft Defender for Endpoint protection, ensure the Antimalware Scan Interface is properly configured, and Rotate SharePoint Server ASP.NET machine keys to reduce potential attacks, the blog said.

Separately, the US Cybersecurity and Infrastructure Security Agency also said it was aware of "active exploitation" enabling unauthorized access to on-premise SharePoint servers.