SharePoint Zero‑Day Warning: How Local Governments Can Shield Themselves

City councils, county offices, and Chambers of Commerce face a critical SharePoint zero‑day threat that targets on‑premise servers. This vulnerability actively endangers local document-sharing platforms across Central and South Texas. As trusted tech partners, SoftTouch Systems equips communities, SMBAs, city governments, county agencies, with clear, expert-led defenses. Read on to understand real risks, immediate mitigation steps, and how SoftTouch keeps your vital services secure and operational.

SharePoint Zero-Day Alert: How local governments and chambers can shield themselves. With the help of SofTouch Systems.

What Is the SharePoint Zero‑Day Threat?

Recently, attackers exploited CVE‑2025‑53770, a critical SharePoint zero‑day vulnerability, to launch remote code execution (RCE) attacks known as the “ToolShell” exploit. This flaw bypasses authentication, allowing hackers to install web shells, exfiltrate sensitive data, and steal cryptographic machine keys, all without user interaction.

Major concerns:

  1. Affected infrastructure: On-premise SharePoint 2016, 2019, and Subscription Edition, widely used by local governments and chambers.
  2. Attack scale: Over 75 servers globally were breached before a patch was released.
  3. Key disclosure risk: Machine keys stolen enable persistent access, even after patching.
  4. No impact on SharePoint Online, but on-prem systems remain dangerously vulnerable.

Why This Matters for Local Entities

Local government and community offices use SharePoint to publish meeting minutes, maintain grant documents, share policy files, and communicate internally. Outages, data loss, or unauthorized access can disrupt public trust, violate transparency standards, and place sensitive resident data at risk. In this threat landscape, a SharePoint zero‑day exploit becomes a direct threat to civic operations and community integrity.

Immediate Steps to Harden Your Systems

SoftTouch Systems recommends the following proactive measures:

1. Patch and Update ASAP

  • Apply emergency patches: KB5002754 (2019); KB5002768 (Subscription Edition).
  • Watch closely for the upcoming patch for SharePoint 2016. (Bleeping Computers)

2. Enable AMSI + Defender AV

  • Configure Antimalware Scan Interface (AMSI) integration.
  • Deploy Microsoft Defender Antivirus and Defender for Endpoint on all servers. ( MS Defender)
  • These collectively help intercept malicious ASPX payloads.

3. Rotate Machine Keys

Even patched systems can be vulnerable if key theft occurred. Rotate ASP.NET MachineKeys to invalidate stolen credentials.

4. Threat Hunt for Indicators

Scan logs for POSTs to /_layouts/15/ToolPane.aspx?DisplayMode=Edit and presence of spinstall0.aspx (Guidance). Watch for IPs like 107.191.58.76, 104.238.159.149, and 96.9.125.147 flagged by CISA.

5. Isolate or Disconnect

If unable to patch or enable mitigations, disconnect your SharePoint server from the internet immediately.

6. Monitor & Report

Use continuous logging, SIEM, and SOAR systems. Report incidents to CISA or your local Cyber Center. CISA added this CVE to its Known Exploited Vulnerabilities list on July 20, 2025.

How SofTouch Systems Supports Local Agencies

SoftTouch guides clients through every protective layer:

  • Tech audit to detect vulnerable SharePoint instances.
  • Patch deployment and configuration of AMSI/Defender.
  • Key rotation service to secure after a breach.
  • Threat hunting program with log analysis and IoC scanning.
  • Incident response collaboration for containment and recovery.
  • Ongoing monitoring via SOC-level oversight.

Our goal? To reduce breach risk, ensure compliance, and protect citizen data for Chambers of Commerce, SMBA offices, city and county governments.

Frequently Asked Questions

QuestionAnswer
Does this affect SharePoint Online?No, only on-prem servers.
We are already patched, are we safe?Partially. You must rotate keys and monitor logs too.
What’s the key rotation timeline?We recommend doing it immediately post-patch.
Can we detect an intrusion retrospectively?Yes—with log audits and scanning for

Commodore Makes a Comeback: Introducing the C64 Ultimate

The iconic Commodore 64 has returned with a modern twist, the C64 Ultimate. More than just a collector’s piece, this hardware reboot is positioning itself as a powerful bridge between vintage computing and modern business applications. Whether you’re a retro enthusiast or a small business owner in Central or South Texas looking to inject cost-effective innovation into your tech stack, the C64 Ultimate offers a rare mix of authenticity and practicality.

From Nostalgia to Network Nodes: Why the C64 Ultimate Matters Today

At first glance, it’s easy to view the C64 Ultimate as a sentimental nod to the past. However, it’s much more than that. Built with FPGA-based architecture (not emulation), the C64 Ultimate delivers the original Commodore 64 experience with modern enhancements like HDMI, Bluetooth, and Wi-Fi. That makes it an ideal tool not just for hobbyists, but for small business owners and tech educators seeking lightweight, low-power, and highly programmable machines for STEM education, training labs, and even customer-facing kiosks.

In South and Central Texas, where local business budgets are tight and reliability matters, this type of versatile, no-frills computing can quietly shine.

SMB Applications: How Retro Tech Solves Modern Problems

Here’s where the C64 Ultimate steps into real-world use:

1. STEM Training & Internal IT Education

Businesses can use the C64 Ultimate as part of internal upskilling programs. Its simplified programming environment (like BASIC) gives employees a foundation in computing logic, which enhances problem-solving skills and tech literacy.

2. Customer Interaction Terminals

Want an affordable, durable, and nostalgic check-in kiosk for your retail or service business? The C64 Ultimate, with HDMI and modern peripherals, can be adapted into unique customer-facing devices.

3. Cybersecurity Sandboxing

The self-contained nature of the C64 Ultimate means you can test, simulate, and train employees on basic cybersecurity attacks and resilience without touching your live network.

Built to Last: Specs & Models

Available in three configurations, the C64 Ultimate caters to different preferences:

ModelKey FeaturesPrice
Basic BeigeClassic design, USB keyboard, HDMI, Wi-Fi, BASIC-ready out of box$299
StarlightTransparent case, RGB lighting, 1980s meets gamer chic$349
FoundersCollector’s edition, signed memorabilia, gold trim, limited run$499

All models include modern ports and legacy cartridge support, making them perfect for interfacing with both old and new tech.

The different Types of Cybersecurity: Network, Cloud, IoT, Mobile, and Endpoint security all managed by SofTouch Systems.

Practical Benefits for Texas SMBs

If you’re running a family-owned shop in San Marcos or a tech services startup in San Antonio, the C64 Ultimate offers these key advantages:

  • Low energy consumption: Great for off-grid setups or mobile operations.
  • Hardware-level reliability: No OS bloat, minimal points of failure.
  • Easy maintenance: Repairs and replacements can be handled in-house with basic tools and guides.

Plus, for businesses with a “maker” mindset or educational outreach goals, the C64 Ultimate is a conversation starter and a functional showpiece.

A Strategic Opportunity for IT Managers

Forward-thinking MSPs and IT leads should consider adding the C64 Ultimate to their training labs or demo floors. It serves as an educational sandbox, showing the evolution of computing while reinforcing essential IT concepts. For companies selling or managing IT services, demonstrating this evolution builds trust and positions your business as an expert in both legacy and modern systems.

Market Limitations to Consider

While the C64 Ultimate brings a lot to the table, there are caveats:

  • It’s not a daily workstation. Tasks like spreadsheets, email, and cloud apps are outside its scope.
  • It has limited scalability. You won’t be deploying dozens of these in a corporate environment.
  • Software licensing for classic games and apps is fragmented and limited by IP ownership complications.

However, none of this should discourage strategic use. When integrated thoughtfully, it enhances business storytelling, staff training, and innovation culture.

Final Verdict: Worth It for Forward-Looking Businesses?

Absolutely, if you know how to use it. The C64 Ultimate isn’t just for collectors. It’s a retro-tech platform that reminds us of where we’ve been, while offering clever ways to innovate at the edge. For businesses in Texas that pride themselves on practicality, ingenuity, and local flavor, it’s a worthwhile investment that pays off in education, inspiration, and low-power performance.

Free Consultation: Tech Assessments for SMBs

Check out our latest blog post about a new “wifi-less” messaging service HERE.

Tom’s Hardware: C64 Ultimate Review

How to Choose a Vetted IT Partner for Local Government Success

In today’s fast-paced digital landscape, local governments rely more than ever on technology, not just for internal operations, but for public trust, civic transparency, and economic development. But when it’s time to upgrade IT infrastructure or secure city systems, how can a mayor, city manager, or county clerk confidently choose the right technology partner?

The wrong choice can cost your community thousands of dollars in budget overruns, downtime, or even data breaches. The right partner can make your systems more secure, responsive, and cost-efficient, while helping you meet compliance mandates with confidence.

This guide gives city and state leaders a practical, plain-English framework to evaluate and choose an IT provider you can trust.

1. Look for Experience Working with Local Governments

IT needs in the public sector are vastly different from the private sector. You’re often working with:

  • Fixed annual budgets
  • Older or legacy systems
  • Sensitive citizen data
  • Public records and compliance mandates

Make sure the IT vendor has experience navigating these complexities. Ask for references from other municipalities, economic development agencies, or Chambers of Commerce. Bonus if they understand state-specific data laws or grant funding workflows.

Ask this: “Can you share an example of how you helped a city or agency like ours modernize or secure its systems?”

2. Insist on Security-First Services

Cyberattacks against small cities and counties are on the rise. Ransomware attacks alone have cost local governments over $1 billion in the last five years. A reliable IT partner will lead with security-by-design, not just add it as an afterthought.

Look for services that include:

  • Network segmentation
  • Regular vulnerability scans
  • Endpoint protection
  • Multifactor authentication
  • Staff security training
  • Backup & disaster recovery protocols

Red flag: If your vendor doesn’t bring up security in the first meeting, walk away.

3. Understand Their Pricing Model

Governments thrive on transparency, and so should your IT vendor. Whether it’s hourly, retainer-based, or full Managed Service, you should know:

  • What’s covered
  • What’s not covered
  • How overages are handled
  • How pricing will scale over time

Ask if they offer flat-rate packages for municipalities or grant-friendly bundles.

Ask this: “Can you show us a sample invoice or contract so we know exactly what to expect?”

4. Evaluate Their Documentation & Communication

Tech partnerships can fall apart simply because your staff can’t understand what’s going on. A trustworthy vendor should:

  • Offer clear, jargon-free communication
  • Provide documented processes (onboarding, response times, change requests)
  • Share regular reports on system health and risk posture

Ask this: “How do you communicate issues, fixes, and reports to non-technical staff or elected officials?”

5. Prioritize Responsiveness and SLAs

City departments don’t have time to wait three days for an email reply. Ask about the vendor’s response time guarantees (SLAs) and escalation processes.

Look for 24/7 emergency support and clear procedures for:

  • Service outages
  • Data loss
  • Security breaches
  • Staff changes (onboarding/offboarding)

Ask this: “What happens when our email server goes down at 9PM on a Saturday?”

6. Confirm Integration Compatibility

If your city uses GIS, 311 systems, utility billing, or court management software, your IT partner should know how to integrate or support it. Ask if they’ve worked with:

  • Tyler Technologies
  • CivicPlus
  • Laserfiche
  • ArcGIS
  • OpenGov
  • Other industry-specific platforms

They don’t have to be experts in all, but they do need a track record of working with civic platforms and APIs.

7. Demand a Partnership, Not a Transaction

You’re not buying a widget, you’re choosing a partner that helps your city run smoothly, stay safe, and serve the public with integrity. Choose a team that aligns with your values: transparency, civic duty, and responsiveness.

Ask this:
“How do you support city staff beyond troubleshooting? Do you offer strategic planning, training, or quarterly reviews?”

You Deserve a Partner Who Cares as Much as You Do

Your role is to serve the people. Ours is to make sure technology helps you do that, securely, efficiently, and affordably.

At SofTouch Systems, we specialize in helping local governments and Chambers of Commerce modernize their infrastructure, secure sensitive data, and build long-term resilience, all with clear pricing and a hometown touch.

Schedule a no-obligation consultation today to find out how we can help your community thrive in a digital-first world.