PT-2025-28631 · Microsoft · Windows Storage +1

Ron Ben Yizhak +1 · Published 2025-07-08 · Updated 2025-09-19 · CVE-2025-49760

CVSS v2.0: 4.0 (Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N)

**Name of the Vulnerable Software and Affected Versions:**

Windows (affected versions not specified)

**Description:**

A spoofing vulnerability exists in Windows due to improper external control of file names or paths within Windows Storage and the Remote Procedure Call (RPC) protocol. This allows an attacker to perform spoofing attacks over a network and potentially hijack trusted services, including Windows Defender’s ID. The vulnerability could enable domain privilege escalation and full Active Directory compromise. Approximately 231.6 million services are potentially affected worldwide. The issue is related to an EPM (Encrypted Protocol Message) poisoning attack technique.

**Recommendations:**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Weakness Enumeration

Related Identifiers

BDU:2025-08307
CVE-2025-49760

Affected Products

Windows
Windows Storage