Ethical Hacking News
Four critical Microsoft bugs, the oldest of which was first disclosed in 2012, are being exploited by cybercriminals. The US government has issued an alert urging federal agencies to patch the vulnerabilities before attackers make further use of them. The deadline for patching is April 27. Will these agencies be able to keep up with the latest security threats?
Cybersecurity experts have warned that four Microsoft vulnerabilities, one of them dating back to 2012, are being exploited by cybercriminals and pose significant risks to federal agencies. The vulnerabilities, which include CVE-2025-60710 and CVE-2012-1854, allow privilege escalation and remote code execution (RCE) in various Microsoft products: two affect Windows, one affects Exchange Server and one affects Visual Basic for Applications. Adobe has also been hit by two newly disclosed vulnerabilities, including a use-after-free flaw in Acrobat. The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert directing federal agencies to apply patches for the vulnerabilities within two weeks.
Cybersecurity experts have sounded the alarm as four vulnerabilities in Microsoft software, the oldest of them disclosed nearly a decade and a half ago, are being exploited by cybercriminals, leaving federal agencies scrambling to patch them before attackers make further use of them. The United States' lead cyber-defense agency, the Cybersecurity and Infrastructure Security Agency (CISA), has issued an alert warning federal agencies that they have two weeks to apply patches for these bugs, the earliest of which was first disclosed in 2012.
The four vulnerabilities - CVE-2025-60710, CVE-2023-36424, CVE-2023-21529, and CVE-2012-1854 - are all linked to Microsoft software products. The first one, CVE-2025-60710, is a link-following vulnerability in Windows that allows privilege escalation. This bug was initially disclosed by Redmond's security team in November 2025 and was fully fixed just a month later.
The second vulnerability, CVE-2023-36424, is a flaw in the Windows Common Log File System Driver that also allows for privilege escalation. Microsoft patched this one in November 2023.
The third vulnerability, CVE-2023-21529, is related to deserialization of untrusted data in Microsoft Exchange Server and enables an authenticated attacker to execute remote code on the server. Redmond disclosed and patched the bug in February 2023. However, just last week, Microsoft's threat hunters warned that a financially motivated crime crew known as Storm-1175 has been exploiting this Exchange bug, along with 15 others, to gain initial access to organizations before stealing their data and deploying Medusa ransomware.
The fourth vulnerability, CVE-2012-1854, is an insecure library loading vulnerability in Microsoft Visual Basic for Applications that also allows remote code execution (RCE). Microsoft patched it in July 2012 and shipped a second update in November 2012. In other words, a bug first exploited almost 14 years ago is still being used today.
According to CISA, the four vulnerabilities are "frequent attack vectors for malicious cyber actors" that pose significant risks to federal agencies. The agency has listed these bugs on its Known Exploited Vulnerabilities (KEV) catalog and set an April 27 deadline for all federal agencies to apply patches.
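Here is an added example, not taken from the article or from CISA, of how a defender can triage a patch inventory against the KEV catalog's due dates. It parses the JSON shape of CISA's KEV feed (field names as in the real feed; the sample entries, their `dateAdded` values and the ransomware flags are constructed from this article, not copied from CISA) and flags unpatched entries, overdue and ransomware-linked ones first.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed. Field names match the
# real feed; the values below are assumed from the article, not copied from CISA.
SAMPLE_KEV_FEED = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities (sample)",
    "vulnerabilities": [
        {"cveID": "CVE-2025-60710", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Windows link-following privilege escalation",
         "dateAdded": "2026-04-13", "dueDate": "2026-04-27", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2023-36424", "vendorProject": "Microsoft", "product": "Windows",
         "vulnerabilityName": "Windows CLFS driver privilege escalation",
         "dateAdded": "2026-04-13", "dueDate": "2026-04-27", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2023-21529", "vendorProject": "Microsoft", "product": "Exchange Server",
         "vulnerabilityName": "Exchange Server deserialization of untrusted data",
         "dateAdded": "2026-04-13", "dueDate": "2026-04-27", "knownRansomwareCampaignUse": "Known"},
        {"cveID": "CVE-2012-1854", "vendorProject": "Microsoft", "product": "Visual Basic for Applications",
         "vulnerabilityName": "VBA insecure library loading",
         "dateAdded": "2026-04-13", "dueDate": "2026-04-27", "knownRansomwareCampaignUse": "Unknown"},
    ],
})


def load_kev(feed_text):
    """Parse KEV JSON text into a {cveID: entry} lookup."""
    return {v["cveID"]: v for v in json.loads(feed_text)["vulnerabilities"]}


def triage(feed_text, inventory, today):
    """inventory maps CVE ids relevant to your estate to a patched flag.
    Returns the unpatched CVEs that appear in KEV, each with days left until
    the CISA due date (negative means overdue), ordered so that the most
    overdue and ransomware-linked entries come first."""
    kev = load_kev(feed_text)
    findings = []
    for cve, patched in inventory.items():
        entry = kev.get(cve)
        if entry is None or patched:
            continue  # not in KEV, or already remediated
        due = date.fromisoformat(entry["dueDate"])
        findings.append({
            "cve": cve,
            "product": entry["product"],
            "days_left": (due - today).days,
            "ransomware": entry.get("knownRansomwareCampaignUse") == "Known",
        })
    # Stable sort: fewest days left first, ransomware-linked before others on ties.
    findings.sort(key=lambda f: (f["days_left"], not f["ransomware"]))
    return findings
```

With the real feed, `feed_text` is the body of CISA's `known_exploited_vulnerabilities.json` and `inventory` comes from your vulnerability scanner's results.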
Furthermore, Adobe has also been affected by two newly discovered vulnerabilities - a use-after-free vulnerability in Acrobat tracked as CVE-2020-9715 and a prototype pollution flaw in Adobe Acrobat and Reader tracked as CVE-2026-34621. The former had been exploited as a zero-day for months before Adobe finally released a patch over the weekend.
Microsoft's response to these bugs has been somewhat limited, according to some security experts. While the company's threat hunters have issued warnings about the exploitation of Exchange Server and the Medusa ransomware, they appear to be leaving the onus on customers to apply the patches.
The continued exploitation of these vulnerabilities highlights the ongoing struggle between cybersecurity agencies and malicious actors over increasingly sophisticated attacks. In an ever-evolving threat landscape, staying current with security patches and taking proactive measures to secure your systems is crucial to avoid falling prey to these exploits.
Related Information:
https://www.ethicalhackingnews.com/articles/Four-Decade-Old-Microsoft-Bugs-Exploited-by-Cybercriminals-Leaving-Federal-Agencies-to-Pick-Up-the-Pieces-ehn.shtml
Published: Mon Apr 13 17:27:35 2026 by llama3.2 3B Q4_K_M