Resource Center

The Center for Cybersecurity Belgium (CCB) warns organisations about serious vulnerabilities in Microsoft SharePoint Server. This vulnerability allows attackers to execute remote code on unpatched SharePoint servers. This means that malicious actors can use it to gain unauthorised access to systems. This vulnerability is already being actively exploited. The Center for Cybersecurity Belgium (CCB) warns organisations about serious vulnerabilities in Microsoft SharePoint Server. This vulnerability allows attackers to execute remote code on unpatched SharePoint servers. This means that malicious actors can use it to gain unauthorised access to systems. This vulnerability is already being actively exploited.We are treating the recently discovered SharePoint vulnerability as a high priority. Our teams are actively reaching out to Belgian companies that may have been affected by this critical security issue. A patch is available for Microsoft SharePoint Server Subscription Edition and Microsoft SharePoint Server 2019 to address this vulnerability. The CCB strongly recommends installing the security updates as soon as possible. Microsoft's advisory describes how to do this.Who is at risk?Organisations using the following on-premises SharePoint products are affected:Microsoft SharePoint Server Subscription EditionMicrosoft SharePoint Server 2019Microsoft SharePoint Server 2016What should you do?If your organisation uses these SharePoint products, we strongly advise you to:Immediately apply the emergency security patches released by Microsoft. These updates are designed to close the vulnerability and prevent exploitation.Check your systems for signs of compromise. If you suspect that your SharePoint environment has been breached, take action quickly. More informationYou can find our full technical advisory here: Emergency Patch for Exploited SharePoint Vulnerability.Follow the updates on the CCB website.Report an incidentReport any incidents to the CCB via our official incident reporting form.The CCB is committed to protecting Belgian organisations from cyber threats. We will continue to monitor the situation closely, provide updates as needed and contact potential victims.

On 24 February 2025, following a proposal by the European Commission, the Council of the European Union began discussions on a new cybersecurity blueprint On 24 February 2025, following a proposal by the European Commission, the Council of the European Union began discussions on a new cybersecurity blueprint. After several rounds of negotiations through its preparatory bodies, the Council formally adopted the new text today during the Transport, Telecommunications and Energy Council in Luxembourg.BackgroundIn recent years, the European Union has steadily strengthened its approach to comprehensive cyber risk management through various instruments and initiatives. The 2016 Network and Information Security Directive (NIS1 – EU Directive 2016/1148) led to the creation of the CSIRT network, which connects national cybersecurity and incident response teams across all Member States. In response to major incidents like WannaCry, the European Commission issued a recommendation in 2017 (2017/1584) on coordinated response to large-scale cybersecurity incidents—this became known as the “Cyber Blueprint.” However, this recommendation was never formally adopted by Member States and has since become outdated due to the rapidly evolving cyber crisis landscape.In 2019, the EU Agency for Cybersecurity (ENISA) received a strengthened and permanent mandate, enabling it to better support situational awareness and operational coordination across the EU. The following year, the EU Cyber Crisis Liaison Organisation Network (EU-CyCLONe) was established at the request of Member States as an operational coordination layer supported by ENISA. In 2022, the NIS2 Directive (EU Directive 2022/2555) formalised the role of EU-CyCLONe and required Member States to establish dedicated national authorities for cyber crisis management. In 2025, the Cyber Solidarity Act further supports EU-wide situational awareness and coordinated responses.At the same time, large-scale exercises, such as the biannual Cyber Europe and the EU-CyCLEs exercise (held under the French Presidency), have yielded valuable lessons.Moreover, geopolitical developments such as the Russia’s war of aggression against Ukraine, led the EU to increase reliance on digital infrastructure, and a rising number of cyber incidents have significantly heightened the cyber threat landscape. Moreover, reports such as the ENISA State of Cybersecurity and Niinistö Report have called for enhanced European readiness for large-scale cyber crises.Lastly, and under the Belgian Presidency, Council conclusions titled “On the Future of Cybersecurity: Implement and Protect Together” (10133/24) were adopted, calling for a prompt revision of the 2017 Cyber Blueprint in the form of a Council Recommendation.What’s in the New Blueprint?The newly adopted Cybersecurity Blueprint updates the EU’s framework for cyber crisis management. It clearly maps out the roles of relevant EU actors across all phases of a cyber crisis, from preparation and detection to response and recovery.The blueprint aligns with existing EU mechanisms, such as the Integrated Political Crisis Response (IPCR) and the EU Cyber Diplomacy Toolbox and reflects recent policy developments including the Critical Infrastructure Blueprint and the network code on cybersecurity for the electricity sector.Key highlights:Enhances coordination between civilian and military actors, including cooperation with NATO.Reflects goals of the upcoming EU Preparedness Strategy.Promotes secure EU-wide communication systems.The blueprint comprises 13 chapters: aim, scope, and guiding principles; definitions; national structures and responsibilities for cyber crisis management; key networks and actors in the EU cyber crisis ecosystem; preparation for large-scale incidents and crises; detection of incidents with potential to escalate; EU-level response coordination; public communication strategies; diplomatic response and international cooperation; coordination with military actors; recovery and lessons learned; secure communications; and, final provisions.The document is guided by the principles of proportionality, subsidiarity, complementarity, and confidentiality.Why It Matters to the CCBThe Centre for Cybersecurity Belgium (CCB) played a leading role in shaping Belgium’s position during the negotiations, led by its International Relations department and in close cooperation with the Permanent Representation to the EU.As Belgium’s national cybersecurity authority—and the national cyber crisis management authority designated under the Royal Decree transposing the NIS2 Directive—the CCB is responsible for updating and maintaining Belgium’s cyber crisis management framework. Ensuring Belgium’s priorities were effectively reflected in the final EU text was critical to aligning this new EU framework with ongoing national efforts. More about the EU Cyber Blueprint