{"id":56581,"date":"2024-07-15T20:20:33","date_gmt":"2024-07-15T20:20:33","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/36106\/ZDI-Shames-MS-For-Yet-Another-Coordinated-Vuln-Disclosure-Snafu.html"},"modified":"2024-07-15T20:20:33","modified_gmt":"2024-07-15T20:20:33","slug":"zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/","title":{"rendered":"ZDI Shames MS For Yet Another Coordinated Vuln Disclosure Snafu"},"content":{"rendered":"<p><span class=\"label\">Exclusive<\/span> A Microsoft zero-day vulnerability that Trend Micro&#8217;s Zero Day Initiative team claims it found and reported to Redmond in May was disclosed and patched by the Windows giant in July&#8217;s Patch Tuesday \u2013 but without any credit given to ZDI.<\/p>\n<p>The flaw, tracked as <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2024-38112\">CVE-2024-38112<\/a>, is in MSHTML aka Trident aka Microsoft&#8217;s proprietary browser engine for Internet Explorer. 
Redmond <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/07\/10\/july_2024_patch_tuesday\/\" rel=\"noopener\">called<\/a> it a spoofing vulnerability, noted that it was being exploited in the wild, and assigned it a 7.5-out-of-10 CVSS severity score.<\/p>\n<p>ZDI, meanwhile, contends that it&#8217;s a remote code execution flaw, which would likely garner a more critical rating.<\/p>\n<p>&#8220;They&#8217;re saying what we reported was a defense-in-depth fix only, but they won&#8217;t tell us what that defense-in-depth fix really is,&#8221; Dustin Childs, head of threat awareness at ZDI, told <em>The Register<\/em> in an exclusive interview.<\/p>\n<p>We have asked Microsoft for comment, and will update this story if and when we hear back.<\/p>\n<p>This entire series of unfortunate events not only highlights problems with Microsoft&#8217;s bug reporting program, but also the coordinated vulnerability disclosure process in general, according to Childs.<\/p>\n<p>Even up until Friday afternoon, he lamented, &#8220;there are [Trend Micro] people on the phone with Microsoft right now, as we&#8217;re having this conversation, still talking with Microsoft trying to figure out what&#8217;s going on.&#8221;<\/p>\n<p>&#8220;I hate to say this,&#8221; he continued, &#8220;but it seems like they really don&#8217;t have a full grasp of what&#8217;s going on with this patch.&#8221;<\/p>\n<p>In Childs&#8217;s telling, ZDI spotted the vulnerability and reported it to Microsoft in mid-May. And then the team heard nothing until seeing the software update on Tuesday.<\/p>\n<p>&#8220;It&#8217;s a pretty nifty exploit,&#8221; Childs told <em>The Register<\/em>. &#8220;These threat actors found a way to resurrect a zombie Internet Explorer. 
They were able to get Internet Explorer to then go out and download an info-stealer, and really they&#8217;re looking for cryptocurrency wallets.&#8221;<\/p>\n<p>Microsoft ostensibly disabled Internet Explorer back in June 2022, and the now-dead browser no longer receives security fixes. Fast forward to 2024, and miscreants are reviving that defunct browser and exploiting it to take over modern Windows systems.<\/p>\n<p>Trend Micro dubbed the miscreants who were exploiting CVE-2024-38112 in the wild Void Banshee. 
They are a newish nation-state-level cyber-crime crew, and Trend hasn&#8217;t yet linked the gang to a particular region.&nbsp;<\/p>\n<p>According to a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.trendmicro.com\/en_se\/research\/24\/g\/CVE-2024-38112-void-banshee.html\">technical analysis<\/a> of the exploitation of the MSHTML bug, published by Trend&#8217;s Peter Girnus and Aliakbar Zahravi, Void Banshee abused the flaw to target organizations in North America, Europe, and Southeast Asia, to run Atlantida info-stealer malware on people&#8217;s Windows PCs.<\/p>\n<p>If we had to bet on who is behind Void Banshee \u2013 given the ultimate goal seems to be stealing cryptocurrency \u2013 we&#8217;d put our money on North Korea.<\/p>\n<h3 class=\"crosshead\">Credit where credit is due?<\/h3>\n<p>&#8220;So we had reported it to Microsoft, and as of Monday&#8221; \u2013 the day prior to July&#8217;s Patch Tuesday \u2013 &#8220;it was still listed as in development with the MSRC,&#8221; Childs said. This, he added, led ZDI to believe that Redmond wouldn&#8217;t patch the flaw until August. Trend customers, he noted, have been protected since June.<\/p>\n<p>&#8220;Much to our surprise, it was released with this month&#8217;s Patch Tuesday release, which was very interesting because we weren&#8217;t credited at all in the advisory,&#8221; Childs noted.<\/p>\n<p>Microsoft credited Check Point Research&#8217;s Haifei Li with finding and disclosing the bug. 
We should note it&#8217;s not uncommon for more than one security team to uncover and report the same hole in a product \u2013 especially one that is under active exploitation.<\/p>\n<p>In its report about the Internet Explorer MSHTML bug, Check Point <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/research.checkpoint.com\/2024\/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112\/\">warned<\/a> criminals had been abusing the flaw for at least a year.<\/p>\n<p>Basically, marks are tricked into opening a malicious shortcut file \u2013 which could be stashed in a .zip archive from a dodgy download website \u2013 that activates the Windows PC&#8217;s dormant Internet Explorer, and exploits it to compromise the computer, allowing sensitive and valuable information to be stolen from the victim by malware. That malicious software is introduced post-exploitation as a poisoned HTML application that brings in more bad code to run via VBScript. Patching prevents this from happening.<\/p>\n<p>Even Li seemed surprised by Microsoft&#8217;s July update.<\/p>\n<p>&#8220;This is not the first time Microsoft Security Response Center telling us they&#8217;re going to patch the issue in month X but released the patch earlier without notifying us,&#8221; he <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/x.com\/HaifeiLi\/status\/1810743597127582135\">Xeeted<\/a> on Patch Tuesday. &#8220;Coordinated disclosure can&#8217;t be just one-side coordination.&#8221;<\/p>\n<p>That&#8217;s the real problem here, Childs opined. &#8220;Vendors want the researchers to coordinate with them up front \u2013 but once they get the bugs, they stop coordinating with the researchers, despite what they&#8217;ve publicly said, and researchers are left in a lurch.&#8221;<\/p>\n<p>&#8220;We don&#8217;t know what&#8217;s going on. We don&#8217;t know what&#8217;s coming. 
We&#8217;re often not credited properly. They spell our names wrong, and we&#8217;re giving them bugs for free.&#8221;<\/p>\n<p>When asked if this is an industry-wide issue or just a Microsoft problem, Childs simply answered: &#8220;Yes.&#8221;<\/p>\n<h3 class=\"crosshead\">Microsoft: Not the only bad guy<\/h3>\n<p>Though ZDI and others have raised this issue specifically to Microsoft in the past, it&#8217;s not limited to Redmond. Phoenix Contact, Autodesk AutoCAD, and Ivanti are &#8220;guilty as well,&#8221; Childs said, noting that Ivanti &#8220;has vastly improved.&#8221;<\/p>\n<p>Previously, ZDI reported 18 bugs to French software giant Dassault Syst\u00e8mes, and the multiple flaws were only given one vulnerability tracker: <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/streaklinks.com\/CClguwYfH9ldbOR09AaldEzr\/https%3A%2F%2Fwww.cve.org%2FCVERecord%3Fid%3DCVE-2024-1847\">CVE-2024-1847<\/a>.&nbsp;<\/p>\n<p>In a similar case, Delta Electronics <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/icsa-24-121-01\">assigned<\/a> one CVE to 17 bug submissions \u2013 an issue that Trend <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/streaklinks.com\/CClguwcrq8CgGU6kDAqf-dF1\/https%3A%2F%2Fyoutu.be%2FIRZKerlQn4c%3Fsi%3DTcccYDVDd7UuvkWC\">covered<\/a> at Black Hat in 2022.&nbsp;<\/p>\n<p>More recently, <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/03\/05\/rapid7_jetbrains_vuln_disclosure_dispute\/\" rel=\"noopener\">Rapid7 shamed JetBrains<\/a> for its &#8220;uncoordinated vulnerability disclosure&#8221; of the TeamCity flaws, and <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2024\/02\/13\/qnap_latest_vulnerabilities\/\" rel=\"noopener\">QNAP came under fire<\/a> for downplaying the severity of a couple of bugs \u2013 including one zero-day.<\/p>\n<p>&#8220;It&#8217;s creating a situation where it&#8217;s really pushing researchers away 
from reporting to vendors, which is going to be very problematic in the near future,&#8221; Childs warned.&nbsp;<\/p>\n<p>If bug hunters don&#8217;t report exploits to affected developers, and if those suppliers don&#8217;t accurately disclose the severity and scope of vulnerabilities in their products, customers will end up feeling the pain.<\/p>\n<p>&#8220;It&#8217;s the end users who are going to end up suffering for this,&#8221; Childs opined. &#8220;If they&#8217;re not able to accurately judge the risk to their systems, they might not be able to roll out patches in the appropriate time frame.&#8221;<\/p>\n<p>This, of course, is an industry-wide problem that many \u2013&nbsp;including the US government \u2013 are working to solve, but it&#8217;s not going to be an easy fix. 
Trend, for its part, will launch what it&#8217;s calling the Vanguard Awards at this year&#8217;s Black Hat conference in Vegas to highlight researchers and vendors who are winning at vulnerability disclosure and transparent communication.<\/p>\n<p>&#8220;There won&#8217;t be a &#8216;failure&#8217; category, because we&#8217;d rather reward outstanding work rather than highlight mistakes or miscalculations,&#8221; Childs <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.zerodayinitiative.com\/blog\/2024\/7\/15\/uncoordinated-vulnerability-disclosure-the-continuing-issues-with-cvd\">wrote<\/a> in a blog today about the recent Microsoft CVD snafu.<\/p>\n<p>Still, Childs acknowledges that it&#8217;s going to take more than awards to fix the broken system.<\/p>\n<p>&#8220;There&#8217;s nothing really that&#8217;s working right now to incentivize vendors to be better at disclosure,&#8221; he said. &#8220;This is a microcosm of it, but it is an industry problem.&#8221; \u00ae<\/p>\n<h3 class=\"crosshead\">Updated to add at 2030 UTC<\/h3>\n<p>Microsoft says it has now credited ZDI and Trend, albeit as a &#8220;defense-in-depth&#8221; hat-tip <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/acknowledgement\">here<\/a> with no link to the MSHTML CVE. Indeed, on the main advisory page for CVE-2024-38112, Check Point is still listed as the sole discoverer of the bug, according to Redmond.<\/p>\n<p>\u201cThe report from ZDI did not meet the bar for a CVE,&#8221; the Microsoft spokesperson told us today. &#8220;However, a similar report from CheckPoint was issued a CVE and the update addressed both issues.<\/p>\n<p>&#8220;We have since updated our documentation to more accurately reflect the vulnerability that was addressed. 
We have discussed the issue with both ZDI and Checkpoint and are always looking for ways to improve our communication and support for researchers.\u201d<\/p>\n<p>Check Point&#8217;s Li also <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/x.com\/HaifeiLi\/status\/1812937022820217006\">says<\/a> CVE-2024-38112 seems to have resulted in two patches from Microsoft.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[5505],"class_list":["post-56581","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-blogs","tag-headlinehackermicrosoftflaw"],"yoast_head_json":{"title":"ZDI Shames MS For Yet Another Coordinated Vuln Disclosure Snafu 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/","og_locale":"en_US","og_type":"article","og_title":"ZDI Shames MS For Yet Another Coordinated Vuln Disclosure Snafu 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-07-15T20:20:33+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZpYiD2yYD6y9-3HUVrqMHAAAAME&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. 
reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"ZDI Shames MS For Yet Another Coordinated Vuln Disclosure Snafu","datePublished":"2024-07-15T20:20:33+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/"},"wordCount":1415,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZpYiD2yYD6y9-3HUVrqMHAAAAME&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","keywords":["headline,hacker,microsoft,flaw"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/","url":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/","name":"ZDI Shames MS For Yet Another Coordinated Vuln Disclosure Snafu 2026 | ThreatsHub Cybersecurity 
News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZpYiD2yYD6y9-3HUVrqMHAAAAME&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2024-07-15T20:20:33+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/zdi-shames-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZpYiD2yYD6y9-3HUVrqMHAAAAME&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZpYiD2yYD6y9-3HUVrqMHAAAAME&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/zdi-shame
s-ms-for-yet-another-coordinated-vuln-disclosure-snafu\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,microsoft,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermicrosoftflaw\/"},{"@type":"ListItem","position":3,"name":"ZDI Shames MS For Yet Another Coordinated Vuln Disclosure Snafu"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence 
Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH 
Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56581","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=56581"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/56581\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=56581"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=56581"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=56581"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}