{"id":299,"date":"2018-05-08T20:42:20","date_gmt":"2018-05-08T20:42:20","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=131811"},"modified":"2018-05-08T20:42:20","modified_gmt":"2018-05-08T20:42:20","slug":"may-patch-tuesday-fixes-two-bugs-under-active-attack","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/","title":{"rendered":"May Patch Tuesday Fixes Two Bugs Under Active Attack"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<div><img decoding=\"async\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2017\/05\/06224854\/Microsoft-patch-tuesday-end.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>Microsoft\u2019s May Patch Tuesday fixes include two critical remote code-execution vulnerabilities, both of which are under active attack.<\/p>\n<p>The most serious of the two is tied to a Windows 10 VBScript engine and can be triggered when a victim visits a malicious website.<\/p>\n<p>\u201cA user need only visit a malicious website to have attacker-control code execute on their machine,\u201d according to Microsoft\u2019s description of the bug (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8174\">CVE-2018-8174<\/a>). The flaw could also be used in conjunction with a malicious ActiveX control marked \u201csafe for initialization\u201d in an app, Office Doc or within IE\u2019s rendering engine, Microsoft said.<\/p>\n<p>The second bug under active exploit is an elevation of privilege vulnerability (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8120\">CVE-2018-8120<\/a>) impacting a Windows Win32k component. \u201cAn attacker who successfully exploited this (Win32k) vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights,\u201d according to Microsoft.<\/p>\n<p>The Win32k subsystem is juicy target for attackers and typically used to escape a system sandbox because of its large attack surface and its 1,200 APIs. Both Windows 7 (32\/64-bit) and Server 2008 R2 are vulnerable to the Win32k bug.<\/p>\n<p>In total, Microsoft\u2019s May Patch Tuesday roundup included 68 security patches, with 21 listed as critical, 45 rated important and two listed low in severity.<\/p>\n<p>\u201cBrowser bugs are again in the spotlight with 17 critical- and seven important-rated browser vulnerabilities patched this month,\u201d wrote ZDI researchers in the company\u2019s Patch Tuesday commentary. \u201cThere are also quite a few Office-related patches for May, with the most important being those for Outlook and SharePoint.\u201d<\/p>\n<p>Also receiving patches this month is Microsoft\u2019s Hyper-V hypervisor software, used to manage multiple virtual machines. According to Gill Langston, in\u00a0<a href=\"https:\/\/blog.qualys.com\/laws-of-vulnerabilities\/2018\/05\/08\/may-2018-patch-tuesday-medium-weight-but-one-active-exploit-needs-attention\">Qualys\u2019 Patch Tuesday commentary<\/a>, the two Hyper-V bugs could enable a guest operating system to compromise the host. \u201c<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-0961\">CVE-2018-0961<\/a>\u00a0addresses abuse of vSMB packets, while\u00a0<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-0959\">CVE-2018-0959<\/a>\u00a0could allow arbitrary code execution on the host from a guest OS,\u201d he said.<\/p>\n<p>He added, \u201cWhile the vulnerabilities are rated as exploitation less likely, it may be time to deploy Hyper-V updates as it has been getting more updates.\u201d<\/p>\n<p>Part of Microsoft\u2019s May Patch Tuesday CVE roundup also includes two official \u201cpublic disclosures.\u201d According to Chris Goettl, director of product management at Ivanti, these type of disclosures are for when a \u201cvulnerability has been identified, and there is enough proof-of-concept code or documentation regarding how the vulnerability works that a threat actor has an advantage on creating an exploit before companies will have a chance to push an update.\u201d<\/p>\n<p>Microsoft lists one of them as <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8141\">CVE-2018-8141<\/a>, impacting Windows 10 and Windows Server (version 1709). \u201c[The bug] is an information disclosure vulnerability in the Windows Kernel that could allow an attacker to gain additional information to further compromise the system,\u201d the software giant said.<\/p>\n<p>The second is a Windows image elevation of privilege vulnerability, (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8170\">CVE-2018-8170<\/a>), tied Windows 10 and Windows Server (version 1709), which could allow for an attacker to carry out an elevation-of-privilege attack against affected systems. In both cases, an attacker would need to have logged on or gained locally authenticated access to the system to exploit, according to Goettl.<\/p>\n<p>Read More <a href=\"https:\/\/threatpost.com\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/131811\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In total, Microsoft\u2019s May Patch Tuesday roundup included 68 security patches, with 21 listed as critical, 45 rated important and two listed low in severity. Read More HERE&#8230;<\/p>\n","protected":false},"author":1,"featured_media":300,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[170,171,172,173,174,19,69,175],"class_list":["post-299","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-activex-control","tag-may-patch-tuesday","tag-microsofts-may-patch-tuesday","tag-patch-tuesday","tag-vbscript","tag-vulnerabilities","tag-web-security","tag-win32k-bug"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>May Patch Tuesday Fixes Two Bugs Under Active Attack 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"May Patch Tuesday Fixes Two Bugs Under Active Attack 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-08T20:42:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"680\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"thadmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@thadmin\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"thadmin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/\"},\"author\":{\"name\":\"thadmin\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/b07e00649871a6dd150cd57b33f7db66\"},\"headline\":\"May Patch Tuesday Fixes Two Bugs Under Active Attack\",\"datePublished\":\"2018-05-08T20:42:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/\"},\"wordCount\":539,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg\",\"keywords\":[\"ActiveX control\",\"May Patch Tuesday\",\"Microsoft\u2019s May Patch Tuesday\",\"patch tuesday\",\"VBScript\",\"Vulnerabilities\",\"Web Security\",\"Win32k bug\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/\",\"name\":\"May Patch Tuesday Fixes Two Bugs Under Active Attack 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg\",\"datePublished\":\"2018-05-08T20:42:20+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/05\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg\",\"width\":680,\"height\":400},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/may-patch-tuesday-fixes-two-bugs-under-active-attack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ActiveX control\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/activex-control\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"May Patch Tuesday Fixes Two Bugs Under Active Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/b07e00649871a6dd150cd57b33f7db66\",\"name\":\"thadmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g\",\"caption\":\"thadmin\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/thadmin\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"May Patch Tuesday Fixes Two Bugs Under Active Attack 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/","og_locale":"en_US","og_type":"article","og_title":"May Patch Tuesday Fixes Two Bugs Under Active Attack 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-05-08T20:42:20+00:00","og_image":[{"width":680,"height":400,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg","type":"image\/jpeg"}],"author":"thadmin","twitter_card":"summary_large_image","twitter_creator":"@thadmin","twitter_site":"@threatshub","twitter_misc":{"Written by":"thadmin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/"},"author":{"name":"thadmin","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/b07e00649871a6dd150cd57b33f7db66"},"headline":"May Patch Tuesday Fixes Two Bugs Under Active Attack","datePublished":"2018-05-08T20:42:20+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/"},"wordCount":539,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg","keywords":["ActiveX control","May Patch Tuesday","Microsoft\u2019s May Patch Tuesday","patch tuesday","VBScript","Vulnerabilities","Web Security","Win32k bug"],"articleSection":["Threatpost"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/","url":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/","name":"May Patch Tuesday Fixes Two Bugs Under Active Attack 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg","datePublished":"2018-05-08T20:42:20+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/may-patch-tuesday-fixes-two-bugs-under-active-attack.jpg","width":680,"height":400},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/may-patch-tuesday-fixes-two-bugs-under-active-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"ActiveX control","item":"https:\/\/www.threatshub.org\/blog\/tag\/activex-control\/"},{"@type":"ListItem","position":3,"name":"May Patch Tuesday Fixes Two Bugs Under Active Attack"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/b07e00649871a6dd150cd57b33f7db66","name":"thadmin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g","caption":"thadmin"},"sameAs":["https:\/\/x.com\/thadmin"]}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/299","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=299"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/299\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/300"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=299"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=299"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=299"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}