#Security Vulnerability

Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.

**How could an attacker exploit this vulnerability?** An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.

Uncontrolled resource consumption in Windows Kerberos allows an unauthorized attacker to deny service over a network.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**How could an attacker exploit this vulnerability?** An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.

Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.