{"id":55499,"date":"2024-03-05T14:26:35","date_gmt":"2024-03-05T14:26:35","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35611\/Hackers-Exploited-Windows-0-Day-For-6-Months-After-Microsoft-Knew-About-It.html"},"modified":"2024-03-05T14:26:35","modified_gmt":"2024-03-05T14:26:35","slug":"hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/","title":{"rendered":"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/11\/zeroday-800x534.jpg\" alt=\"The word ZERO-DAY is hidden amidst a screen filled with ones and zeroes.\"><figcaption class=\"caption\"><\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/security\/2024\/03\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-of-it\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">57<\/span> <\/a> <\/aside>\n<p> <!-- cache hit 128:single\/related:b0baa5630850aa6e3f3729fd472cca64 --><!-- empty --><\/p>\n<p>Hackers backed by the North Korean government gained a major win when Microsoft left a Windows zero-day unpatched for six months after learning it was under active exploitation.<\/p>\n<p>Even after Microsoft patched the vulnerability last month, the company made no mention that the North Korean threat group Lazarus had been using the vulnerability since at least August to install a stealthy rootkit on vulnerable computers. The vulnerability provided an easy and stealthy means for malware that had already gained administrative system rights to interact with the Windows kernel. Lazarus used the vulnerability for just that. Even so, Microsoft has long said that such admin-to-kernel elevations don\u2019t represent the crossing of a security boundary, a possible explanation for the time Microsoft took to fix the vulnerability.<\/p>\n<h2>A rootkit \u201choly grail\u201d<\/h2>\n<p>\u201cWhen it comes to Windows security, there is a thin line between admin and kernel,\u201d Jan Vojt\u011b\u0161ek, a researcher with security firm Avast, <a href=\"https:\/\/decoded.avast.io\/janvojtesek\/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day\/\">explained<\/a> last week. \u201cMicrosoft\u2019s<a href=\"https:\/\/www.microsoft.com\/en-us\/msrc\/windows-security-servicing-criteria\"> security servicing criteria<\/a> have long asserted that \u2018[a]dministrator-to-kernel is not a security boundary,\u2019 meaning that Microsoft reserves the right to patch admin-to-kernel vulnerabilities at its own discretion. As a result, the Windows security model does not guarantee that it will prevent an admin-level attacker from directly accessing the kernel.\u201d<\/p>\n<p>The Microsoft policy proved to be a boon to Lazarus in installing \u201cFudModule,\u201d a custom rootkit that Avast said was exceptionally stealthy and advanced. Rootkits are pieces of malware that have the ability to hide their files, processes, and other inner workings from the operating system itself and at the same time control the deepest levels of the operating system. To work, they must first gain administrative privileges\u2014a major accomplishment for any malware infecting a modern OS. Then, they must clear yet another hurdle: directly interacting with the kernel, the innermost recess of an OS reserved for the most sensitive functions.<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>In years past, Lazarus and other threat groups have reached this last threshold mainly by exploiting third-party system drivers, which by definition already have kernel access. To work with supported versions of Windows, third-party drivers must first be digitally signed by Microsoft to certify that they are trustworthy and meet security requirements. In the event Lazarus or another threat actor has already cleared the admin hurdle and has identified a vulnerability in an approved driver, they can install it and exploit the vulnerability to gain access to the Windows kernel. This technique\u2014known as BYOVD (bring your own vulnerable driver)\u2014comes at a cost, however, because it provides ample opportunity for defenders to detect an attack in progress.<\/p>\n<p>The vulnerability Lazarus exploited, tracked as CVE-2024-21338, offered considerably more stealth than BYOVD because it exploited appid.sys, a driver enabling the Windows AppLocker service, which comes preinstalled in the Microsoft OS. Avast said such vulnerabilities represent the \u201choly grail,\u201d as compared to BYOVD.<\/p>\n<p>In August, Avast researchers sent Microsoft a description of the zero-day, along with proof-of-concept code that demonstrated what it did when exploited. Microsoft didn\u2019t patch the vulnerability until <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2024-21338\">last month<\/a>. Even then, the disclosure of the active exploitation of CVE-2024-21338 and details of the Lazarus rootkit came not from Microsoft in February but from Avast 15 days later. A day later, Microsoft updated its patch bulletin to note the exploitation.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35611\/Hackers-Exploited-Windows-0-Day-For-6-Months-After-Microsoft-Knew-About-It.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":55500,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[8395],"class_list":["post-55499","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermicrosoftflawpatchzero-day"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-05T14:26:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/11\/zeroday-800x534.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It\",\"datePublished\":\"2024-03-05T14:26:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/\"},\"wordCount\":562,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it.jpg\",\"keywords\":[\"headline,hacker,microsoft,flaw,patch,zero day\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/\",\"name\":\"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it.jpg\",\"datePublished\":\"2024-03-05T14:26:35+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/03\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it.jpg\",\"width\":800,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,microsoft,flaw,patch,zero day\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermicrosoftflawpatchzero-day\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/","og_locale":"en_US","og_type":"article","og_title":"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-03-05T14:26:35+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/11\/zeroday-800x534.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It","datePublished":"2024-03-05T14:26:35+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/"},"wordCount":562,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/03\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it.jpg","keywords":["headline,hacker,microsoft,flaw,patch,zero day"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/","url":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/","name":"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/03\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it.jpg","datePublished":"2024-03-05T14:26:35+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/03\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/03\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it.jpg","width":800,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/hackers-exploited-windows-0-day-for-6-months-after-microsoft-knew-about-it\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,microsoft,flaw,patch,zero day","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermicrosoftflawpatchzero-day\/"},{"@type":"ListItem","position":3,"name":"Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55499"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55499\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/55500"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}