CVE-2023-35628: Windows MSHTML Platform Remote Code Execution Vulnerability

Is the Preview Pane an attack vector for this vulnerability?

The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane.