Shaowei Yan

**Name of the Vulnerable Software and Affected Versions** Microsoft Defender (affected versions not specified) **Description** A heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network. A heap-based buffer overflow occurs when an application writes more data to a heap-allocated memory block than it can hold, potentially corrupting adjacent memory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Ancillary Function Driver for WinSock (affected versions not specified) **Description** A flaw exists in the Windows Ancillary Function Driver for WinSock that could allow a local attacker to gain elevated privileges. The issue is related to memory management, specifically memory not allocated on the heap. Successful exploitation of this issue could lead to a local privilege escalation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** An issue exists in the Windows Cloud Files Mini Filter Driver where an untrusted pointer dereference can occur. This can allow a locally authorized attacker to gain elevated privileges. The issue allows attackers to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.