Microsoft has issued an alert about “active attacks” on server software used by government agencies and businesses to share documents within organizations, and recommended security updates that customers should apply immediately.

Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor,

Microsoft issued an emergency fix to close off a vulnerability in its SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.The software giant on Saturday said it was aware of "active attacks" that exploited vulnerabilities in the program,

More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities.

Microsoft is following up and is also releasing a patch for the 2016 edition of Sharepoint. Admins should install this immediately.