You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
microsoft msrc guidance
About this tag
Microsoft MSRC guidance clarifies how Microsoft's Security Response Center (MSRC) describes vulnerability impact versus attack vector. In CVE titles, "Remote Code Execution" refers to the impact—code running on the victim's machine—not necessarily the CVSS attack vector. For example, Word-related advisories often require local file processing despite the RCE label. This tag covers MSRC's terminology patterns, helping users interpret CVE descriptions accurately for troubleshooting and security assessments.
In Microsoft’s terminology, the phrase “Remote Code Execution” in the CVE title describes the impact of the bug, not necessarily the CVSS attack vector. In other words, if the vulnerability is successfully triggered, the attacker can cause code to run on the victim’s machine, but the exploit...