#Security Vulnerability

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver.

Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited the vulnerability could evade Mark of the Web (MOTW) defenses.

Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.

**How could an attacker exploit this vulnerability?** An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.