Microsoft has raised concerns over ongoing cyberattacks aimed at a server platform used by businesses and government bodies for internal document-sharing. The tech giant issued a security advisory over the weekend, urging organisations to promptly apply updates to protect against a vulnerability being actively exploited.

The warning applies only to SharePoint servers hosted on-site, while Microsoft has confirmed that its cloud-based version, SharePoint Online within Microsoft 365, remains unaffected. According to the company, a vulnerability “allows an authorized attacker to perform spoofing over a network,” giving them the leeway to disguise their identity to appear as a trusted entity.

The FBI said on Sunday it is aware of the situation and is working closely with its federal and private-sector partners, without having revealed much further details.

Sources have noted that the flaw had been used to launch a so-called “zero day” attack, which is a type of hack exploiting unknown vulnerabilities. Experts quoted by the paper said the recent activity had potentially put tens of thousands of servers at risk, both in the US and internationally.

Microsoft announced that it has already released a security update for SharePoint Subscription Edition and advised customers to install it without delay. Updates for SharePoint 2016 and 2019 versions are still in development. The company added that if customers cannot apply recommended protection, they should disconnect their servers from the internet until a security update is available.