SharePoint On-Prem Exploited & Keeping on top of changes in M365: Practical 365 Podcast S04E42

Join Steve Goodman, Paul Robichaux, and Bastiaan Verdonk as they delve into the critical security vulnerabilities affecting on-premises SharePoint servers, including the "ToolShell" exploit chain (CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, CVE-2025-53771) which enables unauthenticated remote code execution. They discuss the scale of the problem, the threat actors involved, and the crucial need for immediate patching and robust operational practices for any remaining on-premises...

Join Steve Goodman, Paul Robichaux, and Bastiaan Verdonk as they delve into the critical security vulnerabilities affecting on-premises SharePoint servers, including the "ToolShell" exploit chain (CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, CVE-2025-53771) which enables unauthenticated remote code execution. They discuss the scale of the problem, the threat actors involved, and the crucial need for immediate patching and robust operational practices for any remaining on-premises deployments.

The conversation then shifts to the overwhelming challenge of managing the constant stream of updates and changes within Microsoft 365. Special guest Tom Arbuthnot shares insights from his work with Empowering Cloud and their "Change Pilot" service, detailing how they use AI and expert review to help organizations navigate the deluge of Message Center notifications, prioritize impactful changes, and manage the communication around them. Discover practical strategies for staying ahead of the curve in the fast-paced world of Microsoft 365.

Want to stay up to date on all things Practical 365?
Follow us on Twitter, Facebook, and Linkedin to stay up to date on all things Microsoft!