Microsoft issued an emergency fix to close off a vulnerability in its SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

Hackers are exploiting a flaw in a commonly used Microsoft program to gain access to passwords, sensitive data and more.

A global attack on Microsoft server software used by thousands of government agencies and businesses to share documents within organisations is likely the work of a single actor, a cybersecurity researcher said on Monday.

Microsoft has alerted organizations about active attacks exploiting a vulnerability in SharePoint servers, impacting over 10,000 on-premise installations, including those at businesses and government agencies.

Hackers exploited a security flaw in common Microsoft Corp. software to breach governments, businesses and other organizations across the globe and steal sensitive information, according to officials and cybersecurity researchers.