{"id":52716,"date":"2023-07-11T23:38:03","date_gmt":"2023-07-11T23:38:03","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/"},"modified":"2023-07-11T23:38:03","modified_gmt":"2023-07-11T23:38:03","slug":"miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/","title":{"rendered":"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws"},"content":{"rendered":"<p><span class=\"label\">Patch Tuesday<\/span> Microsoft today addressed 130 CVE-listed vulnerabilities in its products \u2013 and five of those bugs have already been exploited in the wild.<\/p>\n<p>A full list of security updates and advisories in this month&#8217;s Patch Tuesday batch <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2023-Jul\" rel=\"nofollow\">can be found here<\/a> from the IT giant, or <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.zerodayinitiative.com\/blog\/2023\/7\/10\/the-july-2023-security-update-review\">here<\/a> from the ZDI. In summary, there are fixes for Windows, Office, .NET and Visual Studio, Azure Active Directory and DevOps, Dynamics, printer drivers, Redmond&#8217;s DNS Server, and Remote Desktop.<\/p>\n<p>Of the 130 vulnerabilities, nine are deemed critical, and many of the rest are relatively serious. Let&#8217;s start with the ones under active attack.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>First, there&#8217;s <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36884\">CVE-2023-36884<\/a>: a remote-code execution flaw that can be exploited by maliciously crafted Microsoft Office files. Getting a target to open one of these documents on a vulnerable machine will result in their PC being compromised.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Crucially, there is no patch yet for CVE-2023-36884, and one may be provided via an emergency update or future scheduled Patch Tuesday, we&#8217;re told. Microsoft went public early with some details of the flaw because a Russian crew, dubbed Storm-0978, apparently used the vulnerability to <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/07\/11\/storm-0978-attacks-reveal-financial-and-espionage-motives\/\" rel=\"nofollow\">target attendees<\/a> of the ongoing <a href=\"https:\/\/www.nato.int\/cps\/en\/natohq\/news_217051.htm\" rel=\"nofollow\">NATO summit<\/a> in Lithuania on Russia&#8217;s invasion of Ukraine.<\/p>\n<p>Storm-0978, also known as <a href=\"https:\/\/www.theregister.com\/2023\/06\/01\/ukraine_romcom_malware\/\">RomCom<\/a> and DEV-0978, is known to carry out opportunistic ransomware campaigns \u2013 infecting vulnerable organizations as the crooks find them \u2013 as well as prey upon specific targets to harvest their access credentials for Russian intelligence, according to Microsoft. Along with government IT systems, Storm-0978 has also allegedly attacked telecom and finance organizations in Europe and the US.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents,&#8221; the Windows giant said in its advisory. As there is no fix yet, Redmond urged people to use some good old-fashioned attachment blocking.<\/p>\n<p>The other four actively exploited issues do have patches available, and are conveniently divided into two categories: software security feature bypasses, and privilege escalation issues.<\/p>\n<p>Let&#8217;s start with the security bypasses: CVE-2023-32049 in <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-32049\" rel=\"nofollow\">Windows SmartScreens<\/a>, and CVE-2023-35311 in <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-35311\" rel=\"nofollow\">Microsoft Outlook<\/a>. In both cases, clicking on a maliciously crafted URL will lead to the victim&#8217;s PC being compromised.<\/p>\n<p>And for the privilege escalation: CVE-2023-32046 in the <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-32046\" rel=\"nofollow\">MSHTML<\/a> browser engine, and CVE-2023-36874 in the Windows <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-36874\" rel=\"nofollow\">Error Reporting Service<\/a>. In the case of the browser engine, tricking a mark into opening a specially crafted file \u2013 such as an email attachment, or a file embedded in a webpage \u2013 is enough to trigger exploitation.<\/p>\n<p>As for the others, there are scores of them. From remote-code execution flaws in <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-33152\">Microsoft Access<\/a> and <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-33134\">SharePoint Server<\/a> (albeit requiring authentication), to various kernel-level privilege-elevation holes. Check the lists for products you care about.<\/p>\n<h3 class=\"crosshead\">Apple messes up another rapid security response<\/h3>\n<p>Coincidentally, Apple published so-called Rapid Security Response (RSR) patches a day ahead of Patch Tuesday for Webkit vulnerabilities in <a href=\"https:\/\/support.apple.com\/en-us\/HT213823\" rel=\"nofollow\">iOS\/iPadOS<\/a> and <a href=\"https:\/\/support.apple.com\/en-us\/HT213825\" rel=\"nofollow\">macOS<\/a>.<\/p>\n<p>Unfortunately, those patches were a little too good at blocking web content that could cause arbitrary code execution on vulnerable devices, and today Cupertino told users they may want to <a href=\"https:\/\/support.apple.com\/en-us\/HT213827\" rel=\"nofollow\">uninstall the RSR<\/a> if they find they&#8217;re unable to view stuff on the web.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;Apple is aware of an issue where recent Rapid Security Responses might prevent some websites from displaying properly,&#8221; the iMaker said. &#8220;Rapid Security Responses \u2026 will be available soon to address this issue,&#8221; if that makes you feel better.<\/p>\n<p>This is just the latest glitched RSR Apple has issued since it started publishing these updates this year. The first time it tried to push RSRs, multiple users reported <a href=\"https:\/\/www.theregister.com\/2023\/05\/02\/apple_rapid_patch\/\">failed<\/a> patching attempts.<\/p>\n<h3 class=\"crosshead\">SAP users in the oil and gas industry should get patching<\/h3>\n<p>SAP published <a href=\"https:\/\/onapsis.com\/blog\/sap-security-patch-day-july-2023\" rel=\"nofollow\">18 security updates<\/a> as part of its July batch [<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10\">PDF<\/a>] of patches, including a fix for a critical issue in its IS-OIL software for the oil and gas industry.&nbsp;<\/p>\n<p>The <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/me.sap.com\/notes\/3350297\">bug<\/a>, which has a CVSS score of 9.1 out of 10, allows an authenticated attacker to inject arbitrary OS commands into an at-risk deployment. &#8220;Patching is strongly recommended since a successful exploit of this vulnerability has a high impact on confidentiality, integrity, and availability of the affected SAP system,&#8221; infosec outfit Onapsis advised.&nbsp;<\/p>\n<p>Important patches are also available for SAP Solutions Manager, Web Dispatcher and ICM, we&#8217;re told.&nbsp;<\/p>\n<h3 class=\"crosshead\">ICS fixes for Schneider, Siemens essential<\/h3>\n<p>Industrial control systems makers Schneider Electric and Siemens have emitted patches for their equipment.<\/p>\n<p>Siemens updated several advisories and published five new ones <a href=\"https:\/\/new.siemens.com\/global\/en\/products\/services\/cert.html?d=2023-07#SecurityPublications\" rel=\"nofollow\">today<\/a>, covering vulnerabilities in Ruggedcom ROX devices that can lead to information disclosure or remote-code execution, and issues in Simantic CN 4100 comms systems that could give a user total control of a device and the ability to bypass network isolation.&nbsp;<\/p>\n<p>Schneider&#8217;s most pressing issue appears to be in version three of its Codesys runtime system, which can be exploited to cause denial of service and remote code execution.<\/p>\n<h3 class=\"crosshead\">Adobe has a quiet month<\/h3>\n<p>Adobe only released two patches, one for <a href=\"https:\/\/helpx.adobe.com\/security\/products\/indesign\/apsb23-38.html\" rel=\"nofollow\">InDesign<\/a> and another for <a href=\"https:\/\/helpx.adobe.com\/security\/products\/coldfusion\/apsb23-40.html\" rel=\"nofollow\">ColdFusion<\/a> that address a combined total of 15 CVEs, 11 of which belong to InDesign, though the worst of which affect ColdFusion.&nbsp;&nbsp;<\/p>\n<p>Users of Adobe&#8217;s web app development platform are faced with a CVSS 9.8 deserialization-of-untrusted-data vulnerability. Along with an improper access control issue and improper restriction of excessive authorization attempts, ColdFusion could be exploited to bypass security features and execute arbitrary code.<\/p>\n<p>InDesign&#8217;s worst issue this month is an out-of-bounds write issue that can lead to arbitrary code execution, and a bunch of out-of-bounds read issues that can result in a memory leak.<\/p>\n<h3 class=\"crosshead\">Android and Mozilla publish puny patches<\/h3>\n<p>Google&#8217;s monthly Android advisory always comes out at its own time, this month on the 5th, and it&#8217;s worth noting a couple of critical <a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/pixel\/2023-07-01\" rel=\"nofollow\">vulnerabilities<\/a> in the Pixel family&#8217;s Google Security Chip and the Titan M that can lead to elevation of privilege and denial of service, respectively. Always install your Android security patches.<\/p>\n<p>Mozilla published a <a href=\"https:\/\/www.mozilla.org\/en-US\/security\/advisories\/mfsa2023-26\/#CVE-2023-3600\" rel=\"nofollow\">single fix<\/a> this month for Firefox, and the <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2023\/07\/05\/firefox_115_browser_windows\/\" rel=\"noopener\">newly released<\/a> Firefox ESR 115.0.2 involving a use-after-free() condition in workers that could lead to a &#8220;potentially exploitable crash.&#8221; Mozilla considers this one high impact, so be sure to install it. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2023\/07\/11\/microsoft_patch_tuesday\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Plus: Apple bungles another rapid security response; important ICS updates land; and more Patch Tuesday\u00a0 Microsoft today addressed 130 CVE-listed vulnerabilities in its products \u2013 and five of those bugs have already been exploited in the wild.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-52716","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-11T23:38:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws\",\"datePublished\":\"2023-07-11T23:38:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/\"},\"wordCount\":1037,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/\",\"name\":\"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2023-07-11T23:38:03+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/","og_locale":"en_US","og_type":"article","og_title":"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-07-11T23:38:03+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws","datePublished":"2023-07-11T23:38:03+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/"},"wordCount":1037,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/","url":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/","name":"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2023-07-11T23:38:03+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZK58nnHdVxRrf6Dw@LRWIAAAAEs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/miscreants-exploit-five-microsoft-bugs-as-windows-giant-addresses-130-flaws\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Miscreants exploit five Microsoft bugs as Windows giant addresses 130 flaws"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52716","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52716"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52716\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52716"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52716"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52716"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}