Microsoft Security Response Center

**How could an attacker exploit this vulnerability?** To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

**How could an attacker exploit this vulnerability?** An authenticated attacker who is on the same intranet as the Exchange server can achieve remote code execution via a PowerShell remoting session.

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on install to be compromised by the attacker.

**Why is this AMD CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability. Please see the following for more information: * AMD-SB-7005

**According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H) and availability (A:H). What does that mean for this vulnerability?** An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user.

**How could an attacker exploit this vulnerability?** An authenticated attacker who is on the same intranet as the Exchange server can achieve remote code execution via a PowerShell remoting session.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain administrator privileges.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**Are the updates for the Microsoft Office for Mac currently available?** The security update for Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.