#Security Vulnerability

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to disclose information over a network.

Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally.

Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges over a network.

Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.

**Is the Preview Pane an attack vector for this vulnerability?** Yes, the Preview Pane is an attack vector.

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an authorized attacker to disclose information locally.

Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.

**What type of information could be disclosed by this vulnerability?** System internal configuration could be disclosed by this vulnerability.