An uncovered vulnerability in Microsoft SharePoint triggered concern across public and private sectors, but some states are staying ahead of the threat. With proactive patching, layered defenses, and cloud-first strategies, states like Missouri and Indiana offer reminders that strong cybersecurity practices pays off.
Previously covered by MACo, a newly discovered security flaw in Microsoft SharePoint set off a wave of cyberattacks targeting governments, universities, and private organizations, including multiple US federal and state agencies. The Maryland Department of Information Technology (DoIT) requested input from local governments regarding their use of on-premises SharePoint servers.
In an article from Government Technology, as news of the zero-day vulnerability in Microsoft SharePoint (CVE-2025-53770) unfolds, states across the country are closely monitoring potential risks to their IT infrastructure. The exploit, which has been actively used in campaigns affecting over 400 organizations, targets on-premises SharePoint servers and could allow attackers to steal cryptographic materials.
Missouri and Indiana report no breaches so far, thanks to cloud-based deployments, strong coordination with Microsoft, and layered security approaches that prioritize visibility and preparedness. Missouri credits its zero-trust architecture and quick response from internal SharePoint admins for keeping systems secure, while many Indiana local government entities have migrated to SharePoint Online, minimizing exposure.
From the article:
“You can’t protect what you don’t know you have,” CISO Bernice Bond said Tuesday. “So having that visibility into your environment is critical. And that’s where we start with our agencies — understanding what assets they have, what systems are running and where their data lives.”
With federal and state cybersecurity agencies on alert, local governments should continue to assess their environments, and follow emerging guidance to safeguard systems.
Read the full Government Technology article.
Stay tuned to Conduit Street for more information.
