#auth

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally.

Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally.

Use after free in Windows COM allows an unauthorized attacker to execute code locally.

**How could an attacker exploit this vulnerability?** To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.

Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Untrusted pointer dereference in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.

Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.