Microsoft has issued an alert about “active attacks” on server software used by government agencies and businesses to share documents within organizations, and recommended security updates that customers should apply immediately.

Microsoft issued an emergency fix to close off a vulnerability in its SharePoint software that hackers have exploited to carry out widespread attacks on businesses and at least some federal agencies.

A global attack on Microsoft server software used by thousands of government agencies and businesses to share documents within organisations is likely the work of a single actor, a cybersecurity researcher said on Monday.

Microsoft released an emergency security patch on Sunday to “mitigate active attacks targeting on-premises servers.”

Microsoft has alerted organizations about active attacks exploiting a vulnerability in SharePoint servers, impacting over 10,000 on-premise installations, including those at businesses and government agencies.

Hackers exploited a security flaw in common Microsoft Corp. software to breach governments, businesses and other organizations across the globe and steal sensitive information, according to officials and cybersecurity researchers.