Microsoft Security Response Center

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.

Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally.

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to cause denial of service on the Hyper-V host environment.

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.