Microsoft issued an emergency fix to close off a vulnerability in its SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

Hackers are exploiting a flaw in a commonly used Microsoft program to gain access to passwords, sensitive data and more.

A global attack on Microsoft server software used by thousands of government agencies and businesses to share documents within organisations is likely the work of a single actor, a cybersecurity researcher said on Monday.

Microsoft has alerted organizations about active attacks exploiting a vulnerability in SharePoint servers, impacting over 10,000 on-premise installations, including those at businesses and government agencies.

At least 85 servers worldwide have been compromised through a Microsoft service vulnerability that has been used to achieve remote code execution.