Developers: Microsoft
Last Release Date: 2018/05/25
Technology: CMS - Content Management Systems, Corporate Portals, EDMS
SharePoint Product Family
SharePoint is presented as two main products:
- Windows SharePoint Services (WSS);
- Microsoft Office SharePoint Server (MOSS).
In addition, the Microsoft Office SharePoint Designer (SPD) tool is offered.
Windows SharePoint Services (WSS) is a free add-on for Windows Server. WSS provides a basic collaboration infrastructure - editing, storing documents, versioning, etc. It also includes such functionality as document "routes" (a document management platform), job lists, reminders and online discussions. WSS was previously known as SharePoint Team Services.
Microsoft Office SharePoint Server (MOSS) is a paid component for integrating SharePoint functionality into MS Office applications. It is an add-on over WSS and extends its capabilities. Includes tools for business analytics - Excel Services, Business Data Catalog. MOSS allows you to access Microsoft Project Server and Microsoft Office InfoPath forms through a browser, centrally, in accordance with the concept of a multi-module portal. Supports special libraries such as PowerPoint Template Libraries. MOSS was formerly known as SharePoint Server and SharePoint Portal Server.
Microsoft Office SharePoint Designer (SPD) is a WYSIWYG HTML editor (formerly FrontPage), tailored for creating SharePoint pages and managing documents for WSS sites. SPD makes it possible to access the functionality of its render engine through Microsoft Expression Web and through the Microsoft Visual Studio development environment. In the spring of 2009, it became a free product.
Advantages
Dashboards
One of the most important characteristics of the product is that it enables end users (both executives and managers, as well as ordinary employees) to organize all company reporting information in the form of dashboards and create a graphical interface without involving IT specialists or additional programming. These interactive dashboards, created to simplify the analysis of information, are built from lists and tables from various sources (both spatial and analytical). Also important is the system's ability to build the so-called "decomposition tree," which allows you to decompose a single indicator into influencing factors (that is, to track the dynamics of this indicator over time, by individual employee, by region, etc.). MS SharePoint data visualization tools also include indicators in the form of small gauges, which make it possible to quickly determine the state of a single data value. Indicators can be used separately in panels or in freeform reports; usually they are used in tables or matrices to visually represent data in rows or columns. Indicators also allow you to display a trend using images. But the main advantage of the product is that it enables all employees to prepare and use important information in a visual and easily understood form.
Documents in a smart store on SharePoint can be structured by department name, customer name, status, size, type (invoice, report, contract), or even contract amount. This minimizes the time needed to find files in shared storage. You can also set different retention policies for all data, specifying how long a document should be kept. The system also makes it possible to notify the user whenever a file changes. Tools for monitoring work processes are provided as well, for example, monitoring the stages of document approval and much more.
In general, the Microsoft SharePoint platform is an ECM-class platform designed to manage enterprise information. SharePoint combines portal capabilities, content storage, collaboration, built-in business process automation, powerful search and business intelligence. The advantage of this platform is that all its functionality is available "in the box" from the start, and the client does not have to purchase additional options to implement any services. It is also convenient that the system can be maintained and developed by a regular IT specialist, and that you can work with it from mobile devices as well. According to Gartner, the platform was the global market leader in ECM as of September 2010.
Automation of enterprise business processes on the Microsoft SharePoint platform allows you not only to create a customer relationship management system, but also enterprise document management, personnel management, technical support, and financial management systems. At the same time, the system allows you to reduce operating costs, restore order in documents, increase the efficiency of working with clients and increase labor productivity at the enterprise by speeding up the process of transferring information and automating routine processes.
2025
SharePoint Vulnerability Chain Captures Enterprise Portals and Document Management Systems
In the twentieth of July, FSTEC warned of the discovery of vulnerability BDU:2025-08714[1] in Microsoft SharePoint Server, whose criticality was rated 9.8 (out of 10) by CVSS. An exploit for it has been published and is already being used by attackers in real attacks. Microsoft has released fixes for the product, and it is recommended to install them as quickly as possible, but FSTEC experts indicate that only trusted sources should be used for this.
The flaw stems from shortcomings in the mechanism for deserializing program objects, which makes it possible to attack by restoring invalid data into memory and subsequently executing it (CWE-502). A vulnerability of this class allows a remote attacker to execute arbitrary code. The flaw is present in builds ≥ 16.0.0.0 and < 16.0.10417.2002 and has been fixed by the vendor. To eliminate it, the corresponding update package must be installed. The SharePoint Online and Microsoft 365 product versions are not vulnerable.
"Microsoft SharePoint Server has long remained a popular platform for organizing internal document management and collaboration in Russian companies," Anton Antropov, technical director of IT Task, reminded TAdviser of the situation with this software. "Even after the vendor left the market, a small part of large business continues to use local SharePoint installations due to the complexity of software migration and integration with business processes. In fact, the vulnerability makes it possible to seize control of the server, inject malicious code or plant a backdoor that preserves access afterwards."
It is quite difficult to quickly switch to domestic document management platforms in large companies. More often, the corresponding system is simply closed off inside the company's secure perimeter, with remote access to it blocked, until the import substitution process is completed. However, where remote employees are involved, this is also quite difficult to do effectively.
"Microsoft SharePoint Server in the Russian Federation today may not be the most popular product: according to open sources, no more than 10% of companies use it," Sergey Polunin, head of the infrastructure IT solutions protection group at Gazinformservice, told TAdviser. "However, these are exclusively large companies for which the reliability of solutions and integration with other Microsoft products are important. This solution can be found everywhere, from government agencies to large telecoms, but small and medium-sized businesses, as a rule, switch to something less complex."
And it is large clients that are the main targets for attackers, so spreading information about this vulnerability can lead to a wave of attacks on the corresponding infrastructure.
"Because the vulnerability allows an attacker to remotely execute code and there is evidence of its exploitation in real attacks, it is extremely dangerous," said Semyon Rogachev, head of the Bastion incident response department. "At the same time, the number of SharePoint servers detected in Russia is unlikely to indicate that the exploitation of this vulnerability will lead to massive attacks in the country."
According to CyberOK[2], about 1.8 thousand instances of SharePoint were discovered on the Runet, of which, according to experts, about 20% are vulnerable to BDU:2025-08714. It should be noted that search engines for vulnerable servers, such as Censys, Shodan, Netlas and the Russian SCIPA, developed by CyberOK, scan IP addresses to detect instances of particular software on them. They use different methods of determining which applications are located at each address, so the data they obtain differs considerably. In addition, the data on which IP addresses belong to Russia may also differ. So there may be strong discrepancies in the number of vulnerable SharePoint servers reachable from the Internet in the Russian Federation.
However, it should be noted that SharePoint is traditionally used for internal document management, and these servers are usually not reachable from the Internet. Judging by the open tender documentation on procurement sites, which TAdviser searched, the largest SharePoint purchases since the start of the SVO were made by the Network Company, Novosibirsk Energosbyt, Samaraenergo, TVEL and NPF Blagosostoyanie. And in fairly recent purchases, SharePoint is mentioned in descriptions of IT infrastructure, including that of large organizations.
This suggests that the product is also actively used within state infrastructure, which is not available for SCIPA analysis. That is, published exploits for the vulnerability under discussion can be used by hackers to move laterally inside information systems that have already been compromised.
CyberOK has already recorded attacks that exploit a chain of three vulnerabilities: BDU:2025-08524[3], BDU:2025-08436[4] and BDU:2025-08714, which together allow a complete takeover of a public SharePoint server vulnerable to them. The company's experts discovered at least two waves of attacks using this chain of vulnerabilities: the first came on July 18 from California (USA), and the second on July 19 from Frankfurt am Main (Germany).
"These are extremely dangerous vulnerabilities, since they allow an attacker to execute arbitrary code on a vulnerable server remotely without authentication," Anton Kargin, an expert at the Solar 4RAYS Cyber Threat Research Center HPE Analysis Group, warned TAdviser readers. "Thus, attackers can access the infrastructure of which this server is a part. A proof of concept for this chain has been published in the public domain, and while not all companies have yet updated the server software, the vulnerabilities can be exploited for mass attacks. Such attacks occurred, for example, in 2021, when the ProxyLogon vulnerability was discovered, which allows attacks on Microsoft Exchange servers."
To contain the consequences of attacks, Sergey Gordeichik, CEO of CyberOK, recommends that owners of vulnerable SharePoint servers perform the following actions as quickly as possible:
- Update to the current version;
- Apply recommendations from Microsoft;
- Isolate the host, do not publish it to the WAN;
- Enable Microsoft Defender with AMSI;
- Track specific requests in logs.
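One way to prioritise the "update" and "isolate" recommendations across a server inventory, using the affected build range quoted above for BDU:2025-08714. This is an added example, not code from TAdviser, CyberOK or Microsoft; the host names, builds and `exposed` flag are constructed, and `parse_build`, `classify` and `triage` are hypothetical helper names.

```python
from typing import NamedTuple, Optional

# Affected range as quoted on this page for BDU:2025-08714:
# builds >= 16.0.0.0 and < 16.0.10417.2002 (half-open interval).
AFFECTED_MIN = (16, 0, 0, 0)
FIXED_FROM = (16, 0, 10417, 2002)

class Host(NamedTuple):
    name: str
    build: str     # build string as reported by the inventory source
    exposed: bool  # True if the server is published to the WAN


def parse_build(text: str) -> Optional[tuple]:
    """Parse 'a.b.c.d' into a tuple of ints; None if it is not a 4-part build."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(build: str) -> str:
    """Return 'in_range', 'outside_range' or 'unknown' (unparsable: check by hand)."""
    parsed = parse_build(build)
    if parsed is None:
        return "unknown"
    # Tuples compare numerically per component, so 10417.2002 > 10417.999.
    return "in_range" if AFFECTED_MIN <= parsed < FIXED_FROM else "outside_range"


def triage(hosts):
    """Order hosts for patching: in-range and WAN-exposed first, unknowns next."""
    rank = {"in_range": 0, "unknown": 1, "outside_range": 2}
    rows = [(h.name, classify(h.build), h.exposed) for h in hosts]
    return sorted(rows, key=lambda r: (rank[r[1]], not r[2], r[0]))

# Constructed sample inventory: host names and builds are made up.
SAMPLE = [
    Host("sp-intranet-01", "16.0.10417.2002", False),
    Host("sp-portal-02", "16.0.10337.12109", True),
    Host("sp-legacy-03", "15.0.5545.1000", False),
    Host("sp-docs-04", "16.0.5508.1000", False),
    Host("sp-test-05", "16.0.x", True),
]

if __name__ == "__main__":
    for name, status, exposed in triage(SAMPLE):
        print(f"{name:16} {status:14} {'WAN' if exposed else 'internal'}")
```

`outside_range` means only that the build does not match the range quoted on this page; `unknown` entries need a manual check rather than being treated as patched.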
Hacking companies around the world due to a critical vulnerability in SharePoint
Cybercriminals have exploited a critical vulnerability in Microsoft SharePoint server software and launched a massive attack on government agencies and corporations around the world. The hacks affected U.S. federal agencies, universities, energy companies and an Asian telecommunications firm. The attack was identified in July 2025.
According to the Washington Post, the US government, together with partners from Canada and Australia, is investigating the hacking of SharePoint servers, which provide a platform for sharing and managing documents. Tens of thousands of such servers around the world are at risk.
The researchers noted that a global hacker attack on Microsoft products affected the United States and government agencies. The zero-day attack targeted a previously unknown vulnerability, another blow to Microsoft's reputation in the field of cybersecurity.
"Anyone with a SharePoint server has a problem," said Adam Meyers, senior vice president of CrowdStrike information security company. "This is a serious vulnerability."
The expert emphasized the scale of the threat to organizations around the world, as hackers hacked American departments and companies using a critical vulnerability in software.
The attack affected only the internal servers of organizations, and not Microsoft 365 cloud solutions. The company initially suggested that users make changes to server programs or disconnect them from the Internet. On Sunday night, Microsoft released an update for one version of the software, but the other two versions remain vulnerable.
The FBI confirmed awareness of the incident and said it was working closely with federal and private partners. The Cybersecurity and Infrastructure Security Agency received a warning about the problem on Friday from a cyber intelligence company and immediately contacted Microsoft.[5]
2018: The ability to work together in mixed reality
On May 25, 2018, Microsoft announced the addition of business features to SharePoint that are designed to make the collaboration experience more immersive and give users smart capabilities thanks to artificial intelligence, and announced SharePoint Server 2019.
According to the information provided by the developer, Microsoft SharePoint Spaces virtual environments will allow you to easily and quickly create 360° video and mixed reality spaces based on existing templates, with the ability to intuitively add 3D objects, documents and other necessary elements. Viewing is supported with Windows Mixed Reality headsets or in a browser, without the need to purchase special devices. The created project can be shared with colleagues, who can work together in a visual environment with "full immersion."
With Microsoft SharePoint Spaces, companies will be able to create customized applications that can be very expensive to develop from scratch. They can be used, in particular, for excursions for new employees, staff training, joint product development and much more, the company noted. In the future, Microsoft plans to include SharePoint Spaces in Office 365 for commercial users.
According to Microsoft, artificial intelligence technologies will make the experience as personalized as possible, as well as quickly find the files and contacts you need. Among the AI capabilities presented are:
- "Smart" search in the SharePoint mobile application to always and everywhere find everything you need;
- An improved Office.com start page with personalized AI file recommendations;
- Working with images. Recognize objects and text in photos, and search for images by keyword in Office 365;
- Cognitive services to automate business processes. Using Microsoft Flow to speed up the start of processes using cognitive services such as image recognition, geolocation detection, text extraction, and more.