#vulnerability

**How could an attacker exploit this vulnerability?** An unauthenticated attacker could exploit this vulnerability by crafting a malicious RTF file. If a user opens the file or it is rendered in the preview pane, the attacker could execute arbitrary code in the user's context.

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could bypass Secure Boot.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.