Microsoft’s wide reach as a target prompted attackers to carry out intensive studies on the vulnerabilities and mitigation tools of their products and protocols.
This resulted in a new remote code execution (RCE) WinAPI CreateUri function vulnerability, introduced as part of the CVE-2023-23397 patch.
https://cybersecuritynews.com/poc-relea ... erability/