{"id":7953,"date":"2025-07-23T20:36:39","date_gmt":"2025-07-23T18:36:39","guid":{"rendered":"https:\/\/test.it-dev.eu\/?p=7953"},"modified":"2025-09-15T14:37:37","modified_gmt":"2025-09-15T12:37:37","slug":"zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770","status":"publish","type":"post","link":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/","title":{"rendered":"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770)"},"content":{"rendered":"\n<p>19 lipca 2025 roku Microsoft opublikowa\u0142 opis luki typu zero-day <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-53770\">CVE-2025-53770<\/a> umo\u017cliwiaj\u0105cej atak na serwery Microsoft SharePoint on-premises poprzez nieautoryzowane wykonanie zdalnego kodu, co stanowi powa\u017cne zagro\u017cenie dla firm i instytucji przechowuj\u0105cych wra\u017cliwe dane na w\u0142asnej infrastrukturze. <strong>Serwery chmurowe SharePoint Online nie s\u0105 podatne na powy\u017csz\u0105 luk\u0119<\/strong>.<\/p>\n\n\n\n<div class=\"wp-block-group itdev-toc is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<p><strong>W tym artykule:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"#mechanizm\">Mechanizm ataku CVE-2025-53770<\/a><\/li>\n\n\n\n<li><a href=\"#SharePoint\">Kt\u00f3re wersje SharePoint s\u0105 podatne i jak si\u0119 zabezpieczy\u0107<\/a><\/li>\n\n\n\n<li><a href=\"#cve\">Udokumentowane ataki wykorzystuj\u0105ce CVE-2025-53770<\/a><\/li>\n<\/ul>\n<\/div>\n\n\n\n<p>Powy\u017csza luka pozwala na deserializacj\u0119 niezaufanych danych z pomini\u0119ciem uwierzytelnienia i umo\u017cliwia atakuj\u0105cemu obej\u015bcie poprawek wprowadzonych w lipcowych biuletynach bezpiecze\u0144stwa, dotycz\u0105cych podatno\u015bci <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-49704\">CVE-2025-49704<\/a> oraz &nbsp;<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-49706\">CVE-2025-49706<\/a>. R\u00f3wnolegle z ni\u0105 opublikowano <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-53771\">CVE-2025-53771<\/a>, b\u0119d\u0105c\u0105 \u201epatch bypass\u201d dla innej luki z \u0142a\u0144cucha ToolShell (<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-49706\">CVE-2025-49706<\/a>), pozwalaj\u0105cej nieautoryzowanemu u\u017cytkownikowi na dost\u0119p do informacji bez wp\u0142ywu na dost\u0119pno\u015b\u0107 us\u0142ug. Obie luki  bezpiecze\u0144stwa &#8211; dotycz\u0105ca nieautoryzowanego dost\u0119pu do danych i nieautoryzowanego wykonania kodu zosta\u0142y ujawnione na konkursie Trend Micro&#8217;s Zero Day Initiative Pwn2Own Berlin 2025, ale nowe poprawki zawieraj\u0105 bardziej solidne zabezpieczenia ni\u017c ich pierwowzory opracowane na tej konferencji.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"mechanizm\">Mechanizm ataku<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Atakuj\u0105cy wysy\u0142a spreparowane \u017c\u0105danie POST do endpointa <code>\/_layouts\/*\/ToolPane.aspx<\/code> co powoduje deserializacj\u0119 z\u0142o\u015bliwych obiekt\u00f3w w kontek\u015bcie IIS.<\/li>\n\n\n\n<li>Po uzyskaniu wykonania kodu w katalogu Layouts instalowany jest webshell <code>spinstall0.aspx<\/code>.<\/li>\n\n\n\n<li>Z webshella ekstrachowane s\u0105 klucze cryptograficzne ValidationKey i DecryptionKey.<\/li>\n\n\n\n<li>U\u017cywaj\u0105c skradzionych kluczy, atakuj\u0105cy podpisuj\u0105 dalsze \u017c\u0105dania do serwera i w pe\u0142ni przejmuj\u0105 kontrol\u0119 nad serwerem, niezale\u017cnie od p\u00f3\u017aniejszego usuni\u0119cia webshella.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"533\" src=\"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-800x533.webp\" alt=\"\" class=\"wp-image-8255\" style=\"width:840px;height:auto\" srcset=\"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-800x533.webp 800w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-300x200.webp 300w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-768x512.webp 768w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-700x467.webp 700w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-473x315.webp 473w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-946x630.webp 946w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-410x273.webp 410w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-820x546.webp 820w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-401x267.webp 401w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web-801x534.webp 801w, https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-Mechanizm-ataku-2-web.webp 1400w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"SharePoint\">Podatne wersje SharePoint i zalecane dzia\u0142ania ochronne<\/h2>\n\n\n\n<p>W celu ochrony przed podatno\u015bciami nale\u017cy niezw\u0142ocznie zastosowa\u0107 najnowsze poprawki dla wszystkich wspieranych wersji SharePoint Server 2016, 2019 oraz Subscription Edition oraz upewni\u0107 si\u0119, \u017ce integracja z Antimalware Scan Interface (AMSI) jest w\u0142\u0105czona i poprawnie skonfigurowana, najlepiej w trybie Full Mode z Microsoft Defender Antivirus na serwerach SharePoint.<\/p>\n\n\n\n<div class=\"wp-block-group itdevbox important is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<p><strong>Wa\u017cne: <\/strong>Po instalacji \u0142atek oraz uruchomieniu AMSI warto dokona\u0107 rotacji kluczy ASP.NET Machine Keys i zrestartowa\u0107 IIS zgodnie z dokumentacj\u0105 SharePoint.<\/p>\n<\/div>\n\n\n\n<p>Je\u017celi nie jest mo\u017cliwe niezw\u0142oczne za\u0142atwienie poprawek, od\u0142\u0105czy\u0107 serwery SharePoint od Internetu lub ograniczy\u0107 ruch do uwierzytelnionego VPN\/proxy.<\/p>\n\n\n\n<p>Poni\u017cej zestawiono wersje SharePoint obj\u0119te podatno\u015bci\u0105 oraz odpowiadaj\u0105ce im aktualizacje bezpiecze\u0144stwa.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Wersja SharePoint<\/th><th>Numer poprawki<\/th><th>KB<\/th><\/tr><\/thead><tbody><tr><td>SharePoint Server Subscription Edition<\/td><td>16.0.18526.20508<\/td><td><a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=108285\">KB5002768<\/a><\/td><\/tr><tr><td>SharePoint Server 2019<\/td><td>16.0.10417.20037<\/td><td><a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=108286\">KB5002754<\/a> (server) oraz <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=108287\">KB5002753<\/a> (language pack)<\/td><\/tr><tr><td>SharePoint Enterprise Server 2016<\/td><td>16.0.5513.1001<\/td><td><a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=108288\">KB5002760<\/a> (server) oraz <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=108289\">KB5002759<\/a> (language pack)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"cve\">Ataki wykorzystuj\u0105ce luk\u0119 CVE-2025-53770<\/h2>\n\n\n\n<p>Pierwsze pr\u00f3by wykorzystania luki CVE-2025-53770 odnotowano ju\u017c 7 lipca 2025 r., przeciwko infrastrukturze rz\u0105dowej w USA i Europie Zachodniej. Microsoft oficjalnie potwierdzi\u0142 aktywne pr\u00f3by wykorzystania luk, dotychczas potwierdzono ponad 80 instalacji SharePoint zainfekowanych z wykorzystaniem tej luki, mi\u0119dzy innymi farm\u0119 SharePoint nale\u017c\u0105c\u0105 do National Nuclear Security Administration, cz\u0119\u015b\u0107 Departamentu Energii rz\u0105du USA.<\/p>\n\n\n\n<p>Badacze odnotowali, \u017ce w pr\u00f3bach ataku uczestniczy\u0142y chi\u0144skie grupy pa\u0144stwowe Linen Typhoon i Violet Typhoon oraz aktor Storm-2603, wykorzystuj\u0105ce \u0142a\u0144cuch ToolShell dla uzyskania nieautoryzowanego dost\u0119pu.<\/p>\n\n\n\n<div class=\"wp-block-group itdevpanel is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<p><strong>Masz SharePointa on-premises? Nie czekaj.<\/strong><\/p>\n\n\n\n<p>Je\u015bli Twoja organizacja korzysta z lokalnych serwer\u00f3w SharePoint, warto skonsultowa\u0107 zabezpieczenia przed luk\u0105 CVE-2025-53770. Pomo\u017cemy Ci wdro\u017cy\u0107 poprawki, sprawdzi\u0107 konfiguracj\u0119 AMSI i doradzi\u0107 w kwestii rotacji kluczy.<\/p>\n\n\n\n<p>\ud83d\udc49&nbsp;<strong>Napisz do nas<\/strong>&nbsp;i zabezpiecz swoj\u0105 infrastruktur\u0119<\/p>\n\n\n\n<p><a href=\"https:\/\/test.it-dev.eu\/pl\/kontakt\/\" class=\"button glass\">Napisz do nas<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>19 lipca 2025 roku Microsoft opublikowa\u0142 opis luki typu zero-day CVE-2025-53770 umo\u017cliwiaj\u0105cej atak na serwery Microsoft SharePoint on-premises poprzez nieautoryzowane wykonanie zdalnego kodu, co stanowi powa\u017cne zagro\u017cenie dla firm i instytucji przechowuj\u0105cych wra\u017cliwe dane na w\u0142asnej infrastrukturze. Serwery chmurowe SharePoint Online nie s\u0105 podatne na powy\u017csz\u0105 luk\u0119. W tym artykule: Powy\u017csza luka pozwala na deserializacj\u0119<a class=\"excerpt-read-more\" href=\"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/\" title=\"ReadZero-day exploit w Microsoft SharePoint (CVE-2025-53770)\">&#8230; Read more &raquo;<\/a><\/p>\n","protected":false},"author":2,"featured_media":8252,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[35,59],"tags":[],"class_list":["post-7953","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-pl","category-sharepoint-pl"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Zero-day exploit w Microsoft SharePoint (CVE-2025-53770) - IT-Dev<\/title>\n<meta name=\"description\" content=\"Nowa luka CVE-2025-53770 w SharePoint on-premises umo\u017cliwia atak RCE. Sprawd\u017a, jak si\u0119 chroni\u0107 i kt\u00f3re wersje s\u0105 podatne.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"pl_PL\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770) - IT-Dev\" \/>\n<meta property=\"og:description\" content=\"Nowa luka CVE-2025-53770 w SharePoint on-premises umo\u017cliwia atak RCE. Sprawd\u017a, jak si\u0119 chroni\u0107 i kt\u00f3re wersje s\u0105 podatne.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/\" \/>\n<meta property=\"og:site_name\" content=\"IT-Dev\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ITDevWroc\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-23T18:36:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-15T12:37:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-tytulowa-1-web.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"563\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Tomasz Sza\u0142aj\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@IT_Dev\" \/>\n<meta name=\"twitter:site\" content=\"@IT_Dev\" \/>\n<meta name=\"twitter:label1\" content=\"Napisane przez\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tomasz Sza\u0142aj\" \/>\n\t<meta name=\"twitter:label2\" content=\"Szacowany czas czytania\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minuty\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/\"},\"author\":{\"name\":\"Tomasz Sza\u0142aj\",\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/#\\\/schema\\\/person\\\/41e6b7562e4a3c8f277f37fb5ca8aadb\"},\"headline\":\"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770)\",\"datePublished\":\"2025-07-23T18:36:39+00:00\",\"dateModified\":\"2025-09-15T12:37:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/\"},\"wordCount\":564,\"publisher\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/test.it-dev.eu\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/Grafika-tytulowa-1-web.webp\",\"articleSection\":[\"Blog\",\"Sharepoint\"],\"inLanguage\":\"pl-PL\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/\",\"url\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/\",\"name\":\"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770) - IT-Dev\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/test.it-dev.eu\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/Grafika-tytulowa-1-web.webp\",\"datePublished\":\"2025-07-23T18:36:39+00:00\",\"dateModified\":\"2025-09-15T12:37:37+00:00\",\"description\":\"Nowa luka CVE-2025-53770 w SharePoint on-premises umo\u017cliwia atak RCE. Sprawd\u017a, jak si\u0119 chroni\u0107 i kt\u00f3re wersje s\u0105 podatne.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/#breadcrumb\"},\"inLanguage\":\"pl-PL\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pl-PL\",\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/#primaryimage\",\"url\":\"https:\\\/\\\/test.it-dev.eu\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/Grafika-tytulowa-1-web.webp\",\"contentUrl\":\"https:\\\/\\\/test.it-dev.eu\\\/wp-content\\\/uploads\\\/2025\\\/07\\\/Grafika-tytulowa-1-web.webp\",\"width\":800,\"height\":563},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/blog-pl\\\/sharepoint-pl\\\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Strona g\u0142\u00f3wna\",\"item\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/#website\",\"url\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/\",\"name\":\"IT-Dev - Limitless Digital Workplace\",\"description\":\"We create limitless Digital Workplaces\",\"publisher\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pl-PL\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/#organization\",\"name\":\"IT-Dev - Limitless Digital Workplace\",\"url\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pl-PL\",\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/test.it-dev.eu\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/it-dev-logo-696x696-1.png\",\"contentUrl\":\"https:\\\/\\\/test.it-dev.eu\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/it-dev-logo-696x696-1.png\",\"width\":696,\"height\":696,\"caption\":\"IT-Dev - Limitless Digital Workplace\"},\"image\":{\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/ITDevWroc\\\/\",\"https:\\\/\\\/x.com\\\/IT_Dev\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/it-dev\\\/\",\"https:\\\/\\\/www.youtube.com\\\/user\\\/biuroitdev\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/#\\\/schema\\\/person\\\/41e6b7562e4a3c8f277f37fb5ca8aadb\",\"name\":\"Tomasz Sza\u0142aj\",\"url\":\"https:\\\/\\\/test.it-dev.eu\\\/pl\\\/author\\\/tszalajit-dev-pl\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770) - IT-Dev","description":"Nowa luka CVE-2025-53770 w SharePoint on-premises umo\u017cliwia atak RCE. Sprawd\u017a, jak si\u0119 chroni\u0107 i kt\u00f3re wersje s\u0105 podatne.","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pl_PL","og_type":"article","og_title":"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770) - IT-Dev","og_description":"Nowa luka CVE-2025-53770 w SharePoint on-premises umo\u017cliwia atak RCE. Sprawd\u017a, jak si\u0119 chroni\u0107 i kt\u00f3re wersje s\u0105 podatne.","og_url":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/","og_site_name":"IT-Dev","article_publisher":"https:\/\/www.facebook.com\/ITDevWroc\/","article_published_time":"2025-07-23T18:36:39+00:00","article_modified_time":"2025-09-15T12:37:37+00:00","og_image":[{"width":800,"height":563,"url":"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-tytulowa-1-web.webp","type":"image\/webp"}],"author":"Tomasz Sza\u0142aj","twitter_card":"summary_large_image","twitter_creator":"@IT_Dev","twitter_site":"@IT_Dev","twitter_misc":{"Napisane przez":"Tomasz Sza\u0142aj","Szacowany czas czytania":"3 minuty"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/#article","isPartOf":{"@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/"},"author":{"name":"Tomasz Sza\u0142aj","@id":"https:\/\/test.it-dev.eu\/pl\/#\/schema\/person\/41e6b7562e4a3c8f277f37fb5ca8aadb"},"headline":"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770)","datePublished":"2025-07-23T18:36:39+00:00","dateModified":"2025-09-15T12:37:37+00:00","mainEntityOfPage":{"@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/"},"wordCount":564,"publisher":{"@id":"https:\/\/test.it-dev.eu\/pl\/#organization"},"image":{"@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/#primaryimage"},"thumbnailUrl":"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-tytulowa-1-web.webp","articleSection":["Blog","Sharepoint"],"inLanguage":"pl-PL"},{"@type":"WebPage","@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/","url":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/","name":"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770) - IT-Dev","isPartOf":{"@id":"https:\/\/test.it-dev.eu\/pl\/#website"},"primaryImageOfPage":{"@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/#primaryimage"},"image":{"@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/#primaryimage"},"thumbnailUrl":"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-tytulowa-1-web.webp","datePublished":"2025-07-23T18:36:39+00:00","dateModified":"2025-09-15T12:37:37+00:00","description":"Nowa luka CVE-2025-53770 w SharePoint on-premises umo\u017cliwia atak RCE. Sprawd\u017a, jak si\u0119 chroni\u0107 i kt\u00f3re wersje s\u0105 podatne.","breadcrumb":{"@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/#breadcrumb"},"inLanguage":"pl-PL","potentialAction":[{"@type":"ReadAction","target":["https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/"]}]},{"@type":"ImageObject","inLanguage":"pl-PL","@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/#primaryimage","url":"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-tytulowa-1-web.webp","contentUrl":"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2025\/07\/Grafika-tytulowa-1-web.webp","width":800,"height":563},{"@type":"BreadcrumbList","@id":"https:\/\/test.it-dev.eu\/pl\/blog-pl\/sharepoint-pl\/zero-day-exploit-w-microsoft-sharepoint-cve-2025-53770\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Strona g\u0142\u00f3wna","item":"https:\/\/test.it-dev.eu\/pl\/"},{"@type":"ListItem","position":2,"name":"Zero-day exploit w Microsoft SharePoint (CVE-2025-53770)"}]},{"@type":"WebSite","@id":"https:\/\/test.it-dev.eu\/pl\/#website","url":"https:\/\/test.it-dev.eu\/pl\/","name":"IT-Dev - Limitless Digital Workplace","description":"We create limitless Digital Workplaces","publisher":{"@id":"https:\/\/test.it-dev.eu\/pl\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/test.it-dev.eu\/pl\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pl-PL"},{"@type":"Organization","@id":"https:\/\/test.it-dev.eu\/pl\/#organization","name":"IT-Dev - Limitless Digital Workplace","url":"https:\/\/test.it-dev.eu\/pl\/","logo":{"@type":"ImageObject","inLanguage":"pl-PL","@id":"https:\/\/test.it-dev.eu\/pl\/#\/schema\/logo\/image\/","url":"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2023\/12\/it-dev-logo-696x696-1.png","contentUrl":"https:\/\/test.it-dev.eu\/wp-content\/uploads\/2023\/12\/it-dev-logo-696x696-1.png","width":696,"height":696,"caption":"IT-Dev - Limitless Digital Workplace"},"image":{"@id":"https:\/\/test.it-dev.eu\/pl\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ITDevWroc\/","https:\/\/x.com\/IT_Dev","https:\/\/www.linkedin.com\/company\/it-dev\/","https:\/\/www.youtube.com\/user\/biuroitdev"]},{"@type":"Person","@id":"https:\/\/test.it-dev.eu\/pl\/#\/schema\/person\/41e6b7562e4a3c8f277f37fb5ca8aadb","name":"Tomasz Sza\u0142aj","url":"https:\/\/test.it-dev.eu\/pl\/author\/tszalajit-dev-pl\/"}]}},"_links":{"self":[{"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/posts\/7953","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/comments?post=7953"}],"version-history":[{"count":8,"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/posts\/7953\/revisions"}],"predecessor-version":[{"id":8894,"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/posts\/7953\/revisions\/8894"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/media\/8252"}],"wp:attachment":[{"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/media?parent=7953"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/categories?post=7953"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/test.it-dev.eu\/pl\/wp-json\/wp\/v2\/tags?post=7953"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}