#windows

**According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability?** An authorized attacker with low privileges creates a scheduled task that is set to run when a user logs on and spoofs interfaces that belong to many services so the victim can connect to the attacker's server instead of the original.

**According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

**According to the CVSS metric, the attack vector is local (AV:L) while user interaction is required (UI:R). What does that mean for this vulnerability?** An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigger the vulnerability.

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.

**According to the CVSS metric, the attack vector is network (AV:N), user interaction is required (UI:R), and privileges required are none (PR:N). What does that mean for this vulnerability?** Exploitation of this vulnerability requires an unauthorized attacker to wait for a user to initiate a connection to a malicious server that the attacker has set up prior to the user connecting.

Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.

Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network.

No cwe for this issue in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.

Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.