{"id":60477,"date":"2026-04-13T21:35:36","date_gmt":"2026-04-13T21:35:36","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/"},"modified":"2026-04-13T21:35:36","modified_gmt":"2026-04-13T21:35:36","slug":"zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/","title":{"rendered":"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum"},"content":{"rendered":"<p>Crooks are exploiting four Microsoft vulnerabilities &#8211; one patched 14 years ago and another tied to ransomware activity &#8211; according to America&#8217;s lead cyber-defense agency, which on Monday gave federal agencies two weeks to patch them.<\/p>\n<p>The four vulnerabilities added to CISA&#8217;s <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">Known Exploited Vulnerabilities (KEV) catalog<\/a> on Monday are:<\/p>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-60710\">CVE-2025-60710<\/a>, a link-following vulnerability in Windows that allows privilege escalation. After initially disclosing this bug in November 2025, <a target=\"_blank\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-60710\">Redmond fully fixed<\/a> it a month later.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,dmpu,\" data-sm=\",fluid,mpu,dmpu,\" data-md=\",fluid,mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2023-36424\">CVE-2023-36424<\/a>, a Windows Common Log File System Driver flaw that allows privilege escalation. <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36424\">Microsoft patched<\/a> this one in November 2023.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2023-21529\">CVE-2023-21529<\/a>, a deserialization of untrusted data issue in Microsoft Exchange Server that allows an authenticated attacker to achieve remote code execution (RCE). <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-21529\">Redmond disclosed and patched<\/a> the bug in February 2023. Just last week, Microsoft&#8217;s threat hunters warned that a financially motivated crime crew tracked as <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/10\/06\/microsoft_blames_medusa_ransomware_affiliates\/\">Storm-1175<\/a> is exploiting this Exchange bug, plus 15 others, to gain initial access to organizations before ultimately stealing their data and <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/04\/06\/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations\/\">deploying Medusa ransomware<\/a> in extortion attacks.<\/p>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2012-1854\">CVE-2012-1854<\/a>, an insecure library loading vulnerability in Microsoft Visual Basic for Applications that allows RCE. Microsoft pushed a security fix for this one in July 2012, and then a second software update in November 2012 that fully patched the flaw. At the time, Redmond said it was &#8220;<a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/learn.microsoft.com\/en-us\/security-updates\/securitybulletins\/2012\/ms12-046\">aware of limited, targeted attacks<\/a> attempting to exploit the vulnerability.&#8221; This means a flaw first exploited almost 14 years ago is still turning up in active attacks today.<\/p>\n<p>We&#8217;ve reached out to Microsoft for more details about the scope of exploitation, and who is attacking these four CVEs, and will update this story if we receive any response to our inquiries.<\/p>\n<p>CISA lists ransomware use for all four as &#8220;unknown,&#8221; although according to Redmond, at least one of them (CVE-2023-21529) has been abused for this type of attack.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,dmpu,\" data-sm=\",fluid,mpu,dmpu,\" data-md=\",fluid,mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,&#8221; <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2026\/04\/13\/cisa-adds-seven-known-exploited-vulnerabilities-catalog\">CISA warned<\/a> in adding the bugs to its catalog, and set an April 27 deadline for all federal agencies to apply patches.<\/p>\n<p>Also on Monday, CISA added two Adobe bugs, a use-after-free vuln in Acrobat tracked as&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2020-9715\">CVE-2020-9715<\/a>, and a prototype pollution flaw tracked as <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2026-34621\">CVE-2026-34621<\/a> that affected both Adobe Acrobat and Reader, to the KEV. The latter had been exploited as a zero-day <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2026\/04\/09\/monthsold_adobe_reader_zeroday_uses\/\">for months<\/a>, and <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2026\/04\/13\/adobe_reader_zeroday\/\">Adobe finally released a patch<\/a> over the weekend. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2026\/04\/13\/ransomware_gang_other_crims_attacking\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>One was patched almost 14 years ago Crooks are exploiting four Microsoft vulnerabilities &#8211; one patched 14 years ago and another tied to ransomware activity &#8211; according to America&#8217;s lead cyber-defense agency, which on Monday gave federal agencies two weeks to patch them.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-60477","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-13T21:35:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum\",\"datePublished\":\"2026-04-13T21:35:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/\"},\"wordCount\":418,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/\",\"name\":\"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2026-04-13T21:35:36+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/","og_locale":"en_US","og_type":"article","og_title":"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2026-04-13T21:35:36+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum","datePublished":"2026-04-13T21:35:36+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/"},"wordCount":418,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/","url":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/","name":"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2026-04-13T21:35:36+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/patches&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ad230qoCp9uD55xkXRWM1AAAAw8&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/zombie-microsoft-bugs-rise-from-the-dead-pave-way-for-crims-and-ransomware-scum\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60477","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=60477"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60477\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=60477"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=60477"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=60477"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}