Microsoft said the vulnerability affects only on-site SharePoint servers used within businesses or organizations, and does not affect Microsoft’s cloud-based SharePoint Online service.