Microsoft declared yesterday that a newly identified critical remote code execution flaw in SharePoint is currently being exploited. There is no fix available at this time. As a temporary solution, Microsoft recommends utilizing Microsoft Defender to identify any attacks. To employ Defender, you must first set up the AMSI integration to provide Defender visibility into SharePoint. Recent iterations of SharePoint have the AMSI integration activated by default.