Microsoft Security Response Center

Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.

Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.

**How could an attacker exploit this vulnerability?** When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk. In one such scenario for this vulnerability, the attacker could convince a victim to connect to an attacker controlled malicious application (for example, SMB) server. Upon connecting, the malicious server could compromise the protocol.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain administrator privileges.

Improper input validation in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally.

Exposure of sensitive information to an unauthorized actor in Windows Speech allows an authorized attacker to disclose information locally.

Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to disclose information locally.

**How can I tell if this issue affects me, and what steps should I take to stay protected?** If you have Azure Monitor Agent extension version 1.37.0 or below you are affected. To protect your device, please upgrade to version 1.37.1 and above.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.