I'm not a big fan of the brand new Squirrel QID 372014 and have questioned support #805475 with following concerns;
- the QID is not marked “0 day”, despite there being no patch.
- there is no CVE, so nothing to throw to the techs that might resolve this
- the severity is a 4 despite the CVSS rating of only 4.3
- Microsoft themselves have this to say; “The article discusses a post-exploitation technique. An attacker using this technique must already have access and the ability to run code on the target system. This technique does not allow for elevation of privilege or remote code execution in cases where the attacker does not already have that ability on the target system. We may deal with this as part of normal Teams Development but not as an urgent Security Update.”