Chris Brook over on Threatpost.com reported that a Google Project Zero researcher has uncovered a vulnerability in all currently supported versions of the Windows client operating system that could be used to escalate privileges and in some cases, defeat sandboxing protections by forcing a system process to access a WebDAV UNC path and attack the local SMB server.
Read more about it here: