Microsoft issued an emergency fix to close off a vulnerability in its SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.The software giant on Saturday said it was aware of "active attacks" that exploited vulnerabilities in the program,

Microsoft said in a post on its website on Saturday that it was “aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities.” SharePoint is a Microsoft platform that allows customers to manage and share documents within their organizations.

Microsoft warned users that hackers used a security flaw in its server software to attack government agencies and businesses around the world. The federal government, along with those in Canada and Australia, has launched an investigation into the hack that targeted SharePoint servers, The Washington Post reported.

A critical security vulnerability in Microsoft SharePoint has been actively exploited by threat actors to infiltrate thousands of organizations worldwide.

Microsoft released security updates for SharePoint Subscription Edition and SharePoint 2019, noting “customers should apply these updates immediately to ensure they’re protected.” The company added that it was developing security updates for supported versions of SharePoint 2019 and SharePoint 2016.

Vulnerabilities in the software have allowed hackers to access file systems and execute code, the US Cybersecurity and Infrastructure Security Agency warned on Sunday.

Patches have been issued for two versions of Microsoft’s SharePoint software, while one version remains vulnerable.

The Matanbuchus malware loader has been seen being distributed through social engineering over Microsoft Teams calls impersonating IT helpdesk.

Microsoft issued an alert about "active attacks" targeting its SharePoint server software, which is widely used by businesses and government agencies to share files.