#vulnerability

**What is the nature of the spoofing?** An attacker could appear as a trusted user when they should not be. This could cause a user to mistakenly trust a signed email message as if it came from a legitimate user.

**Is the Preview Pane an attack vector for this vulnerability?** No, the Preview Pane is not an attack vector.

**How could an attacker exploit this vulnerability?** This vulnerability could be exploited if an authenticated user opens a specially crafted file locally or browses to that file on a network share when running an unpatched version of Windows. When the user browses or lists the maliciously crafted file that action could cause a crash of the operating system.

**How could an attacker exploit this vulnerability?** An unauthorized attacker could exploit the Windows Bluetooth driver vulnerability by programmatically running certain functions that could lead to remote code execution on the Bluetooth component.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?** This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**Is the Preview Pane an attack vector for this vulnerability?** The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane.

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.