#Security Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally.

**Is the Preview Pane an attack vector for this vulnerability?** No, the Preview Pane is not an attack vector.

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

**How could an attacker exploit this vulnerability?** An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.

Uncontrolled resource consumption in Windows Kerberos allows an unauthorized attacker to deny service over a network.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**How could an attacker exploit this vulnerability?** An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.