Autor: Peter Leibling

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.

Improper access control in Windows Projected File System allows an authorized attacker to elevate privileges locally.

Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally.

Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally.

Use after free in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.

Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.