Microsoft patched the modified attack – tracked as CVE-2023-29324 – during this month’s dump of fixes, rating the bug as “important” but not “critical.” Researchers from Akamai, which found and disclosed the bug, say it merits a critical rating.